CVE-2009-2762
Published: 13 August 2009
wp-login.php in WordPress 2.8.3 and earlier allows remote attackers to force a password reset for the first user in the database, possibly the administrator, via a key[] array variable in a resetpass (aka rp) action, which bypasses a check that assumes that $key is not an array.
Notes
| Author | Note |
|---|---|
| ari-tczew | Exploit: http://www.securityfocus.com/bid/36014/exploit |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
wordpress Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
| hardy |
Ignored
(end of life)
|
|
| intrepid |
Ignored
(end of life, was needed)
|
|
| jaunty |
Ignored
(end of life)
|
|
| karmic |
Not vulnerable
(2.8.4-1ubuntu1)
|
|
| lucid |
Not vulnerable
(2.8.4-1ubuntu1)
|
|
| maverick |
Not vulnerable
(2.8.4-1ubuntu1)
|
|
| natty |
Not vulnerable
(2.8.4-1ubuntu1)
|
|
| oneiric |
Not vulnerable
(2.8.4-1ubuntu1)
|
|
| upstream |
Released
(2.8.4)
|
|
|
Patches: upstream: http://core.trac.wordpress.org/changeset/11798 |
||