Message-ID: <52687839.4000105@redhat.com>
Date: Wed, 23 Oct 2013 19:30:33 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: Re: CVE for Wordpress plugin Portable-phpmyadmin

On 10/22/2013 09:00 PM, Anant Shrivastava wrote:
> Exactly. You request the proper URL and it lets you in, as well as
> letting you perform all database-level operations available on that
> specific file. Some sample screenshots should clear up the issue
> (attached for reference). [While phpMyAdmin requires a valid user ID
> and password for the MySQL DB, these credentials are pulled from
> wp-config.php (the WordPress config file) directly in this plugin.]
>
> Besides these two, there are a large number of full path disclosures
> on the whole project also; however, as WordPress itself doesn't
> consider that a security issue but rather marks it as a configuration
> issue
> (http://codex.wordpress.org/Security_FAQ#Why_are_there_path_disclosures_when_directly_loading_certain_files.3F),
> those are not reported.
>
>
> Anant Shrivastava
> GWAPT | CEH | RHCE
> Mob : 91-9880166033
> E-mail : anant@...ntshri.info
> Web : http://anantshri.info

Please use CVE-2013-4462 for the auth bypass portion of these vulnerabilities.
--
Kurt Seifried
Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
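An added illustration of the defensive fix for the class of bug described above, not the Portable-phpMyAdmin code itself: a plugin page that cannot be loaded as a standalone file, that is gated on a WordPress capability plus a nonce, and that reuses the connection WordPress already holds instead of re-reading wp-config.php. The plugin name, the `hdt_` function names and the page slug are assumptions.

```php
<?php
/*
Plugin Name: Hardened DB Tool (hypothetical example, not a real plugin)
*/

// The pattern from the thread: a plugin file reachable by direct URL that
// includes wp-config.php for DB_USER/DB_PASSWORD and then runs database
// operations for whoever requests it. The fix below never runs outside the
// WordPress bootstrap and checks the caller before touching the database.

// 1. Refuse direct loading: ABSPATH is only defined when WordPress booted us.
if ( ! defined( 'ABSPATH' ) ) {
    exit;
}

// 2. Expose the tool only as an admin page, never as a bare file in wp-content.
add_action( 'admin_menu', 'hdt_register_page' );

function hdt_register_page() {
    // WordPress enforces this capability before rendering the page at all.
    add_management_page(
        'DB Tool', 'DB Tool', 'manage_options', 'hdt-db-tool', 'hdt_render_page'
    );
}

function hdt_render_page() {
    // 3. Re-check the capability in the handler; menu visibility is not auth.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient privileges.' );
    }

    if ( isset( $_POST['hdt_sql'] ) ) {
        // 4. CSRF protection: a logged-in admin's browser must not be driven
        //    into running a statement by a third-party page.
        check_admin_referer( 'hdt_run_sql' );

        // 5. Use the connection WordPress already authenticated; there is no
        //    reason for the plugin to parse wp-config.php on its own.
        global $wpdb;
        $sql = wp_unslash( $_POST['hdt_sql'] );
        // This example is read-only tooling, so only SELECT is accepted.
        if ( ! preg_match( '/^\s*SELECT\b/i', $sql ) ) {
            wp_die( 'Only SELECT statements are allowed here.' );
        }
        $rows = $wpdb->get_results( $sql, ARRAY_A );
        echo '<pre>' . esc_html( print_r( $rows, true ) ) . '</pre>';
    }

    echo '<form method="post">';
    wp_nonce_field( 'hdt_run_sql' );
    echo '<textarea name="hdt_sql"></textarea><button>Run</button></form>';
}
```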