TCH-Thomas

WordPress "admin-ajax.php" SQL Injection


From: Secunia (http://secunia.com/advisories/25345/)

Rating: Moderately critical


Description:

Janek Vind has discovered a vulnerability in WordPress, which can be exploited by malicious people to conduct SQL injection attacks.


Input passed to the "cookie" parameter in wp-admin/admin-ajax.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.


Successful exploitation allows e.g. retrieving administrator password hashes, but requires knowledge of the database table prefix.


The vulnerability is confirmed in version 2.1.3. Prior versions may also be affected.


Solution:

Update to version 2.2.


WordPress 2.2 was released on May 16. For those who missed the announcement, please click here.


Do you know if this vulnerability affects the 2.0.x code base?

The vulnerability is confirmed in version 2.1.3. Prior versions may also be affected.


But where they aren't clear is whether prior versions of the 2.1.x code line could be affected, or whether prior versions of 2.0.x code line might be affected as well.


Exactly. That's all the information that was provided. To be sure upgrade.


Hmm, isn't the version being offered in Fantastico vulnerable? I don't have access to my cPanel from here as work has blocked my domain.


Does TC have any control over the Fantastico on here? I mean I just installed WP via Fantastico to play with it and I am aware it is out of date but many people just install stuff from Fantastico and don't bother to check if it's the latest version or even check for updates in the future.


No, that gets updated by the Fantastico people. And they are usually at least one rev behind most of the time. I always do manual installs. It's not that difficult.


I was thinking more of TC adding a notice on the Fantastico page saying that the scripts offered are possibly out of date and that the person installing should check for updates once the script has been installed as it is easier to update than to install from scratch.


Since cPanel updates are pushed out constantly there is no current method to add comments to it. Maybe a future version of cPanel will allow for comments to be added generically so notifications can be added easily.
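The practical upshot of the thread is to find out which WordPress version each install on the server actually runs and upgrade anything below 2.2. The script below is an added example, not code from this thread or from WordPress itself; it reads the version from wp-includes/version.php, where WordPress stores it in $wp_version, treats everything below the fixed release 2.2 as exposed (the advisory confirms 2.1.3 and says prior versions may also be affected), and the sample version.php text is constructed.

```python
"""Audit WordPress installs for the admin-ajax.php SQL injection fixed in 2.2."""
import os
import re
from typing import Iterator, Optional, Tuple

FIXED_VERSION = "2.2"           # from the advisory: update to 2.2
CONFIRMED_VULNERABLE = "2.1.3"  # from the advisory: confirmed in 2.1.3

# WordPress records its version in wp-includes/version.php as: $wp_version = '2.1.3';
_VERSION_RE = re.compile(r"""\$wp_version\s*=\s*['"]([^'"]+)['"]\s*;""")

# Constructed sample of the relevant line of a 2.1.3 install's version.php.
SAMPLE_VERSION_PHP = "<?php\n$wp_version = '2.1.3';\n?>"


def parse_version(text: str) -> Optional[str]:
    """Extract the $wp_version value from version.php source text, or None."""
    m = _VERSION_RE.search(text)
    return m.group(1) if m else None


def version_key(version: str) -> tuple:
    """Turn '2.1.3' (or a tagged string like '2.2-RC1') into a comparable int tuple."""
    numeric = version.split("-")[0]
    return tuple(int(p) for p in numeric.split(".") if p.isdigit())


def is_vulnerable(version: str) -> bool:
    """True for any release below the fixed version 2.2 (2.1.3 and all prior)."""
    return version_key(version) < version_key(FIXED_VERSION)


def audit(root: str) -> Iterator[Tuple[str, str, bool]]:
    """Walk `root` for wp-includes/version.php files; yield (install dir, version, vulnerable)."""
    for dirpath, _dirs, files in os.walk(root):
        if os.path.basename(dirpath) == "wp-includes" and "version.php" in files:
            path = os.path.join(dirpath, "version.php")
            with open(path, encoding="utf-8", errors="replace") as fh:
                version = parse_version(fh.read())
            if version is not None:
                yield os.path.dirname(dirpath), version, is_vulnerable(version)


if __name__ == "__main__":
    import sys
    for install, version, vulnerable in audit(sys.argv[1] if len(sys.argv) > 1 else "."):
        status = "VULNERABLE (update to 2.2)" if vulnerable else "ok"
        print(f"{install}: WordPress {version} -> {status}")
```

Run it against the web root (or the directory Fantastico installs into) and every install reporting a version below 2.2 needs the upgrade.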
