FreeBSD Ports: Wordpress Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://www.cvedetails.com/cve/CVE-2010-4257/ http://www.vuxml.org/freebsd/8c93e997-30e0-11e0-b300-485d605f4717.html

Insight

The following packages are affected: wordpress de-wordpress zh-wordpress-zh_CN zh-wordpress-zh_TW CVE-2010-4257 SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field.

Severity

Classification

CVE CVE-2010-4257
CVSS Base Score: 6.0
AV:N/AC:M/Au:S/C:P/I:P/A:P

Related Vulnerabilities

FreeBSD Ports: asterisk14
FreeBSD Ports: apache
FreeBSD Ports: apr1
FreeBSD Ports: clamav
django -- multiple vulnerabilities

FreeBSD Ports: wordpress

Take action and discover your vulnerabilities