Date: Wed, 24 Apr 2013 22:53:35 +0300 From: Henri Salo <henri@...v.fi> To: oss-security@...ts.openwall.com, kseifried@...hat.com Subject: Re: WP-Super-Cache XSS and Remote Code Exec On Wed, Apr 24, 2013 at 12:30:57PM -0600, Kurt Seifried wrote: > http://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html > > To test leave a comment like: <!?mfunc echo PHP_VERSION; ?><!?/mfunc?> > > To fix it they added a mfunc filter in wp-super-cache-1.3/wp-cache.php: > > +add_filter( 'preprocess_comment','no_mfunc_in_comments' ); > +add_filter( 'comment_text','no_mfunc_in_comments' ); > +add_filter( 'comment_excerpt','no_mfunc_in_comments' ); > +add_filter( 'comment_text_rss','no_mfunc_in_comments' ); > > Please use CVE-2013-2009 for this issue. I was going to request CVEs for these today. No idea why WordPress guys aren't doing this, but they probably think it will take too much time and in some days it might. There is a lot of plugins and also lots of vulnerabilities in them. Should CVE-2013-2009 be used also for w3-total-cache issue? --- Henri Salo Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.