PublicDate: 2008-01-10 00:46:00 UTC
Candidate: CVE-2008-0194
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0194
Description:
 Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3
 and earlier allows remote attackers to read arbitrary files, delete
 arbitrary files, and cause a denial of service via a .. (dot dot) in the
 backup parameter in a wp-db-backup.php action to wp-admin/edit.php.  NOTE:
 this might be the same as CVE-2006-5705.1.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_wordpress:
upstream_wordpress: released (2.0.4)
dapper_wordpress: ignored (reached end-of-life)
edgy_wordpress: not-affected (2.0.4-2)
feisty_wordpress: not-affected (2.1.3-1ubuntu1)
gutsy_wordpress: not-affected (2.2.2-1ubuntu1.1)
hardy_wordpress: not-affected (2.3.2-1ubuntu1)
intrepid_wordpress: not-affected (2.3.2-1ubuntu1)
jaunty_wordpress: not-affected (2.3.2-1ubuntu1)
karmic_wordpress: not-affected (2.3.2-1ubuntu1)
devel_wordpress: not-affected (2.3.2-1ubuntu1)