Bug 213985

Summary: CVE-2006-5705: wordpress < 2.0.5 directory traversal vulnerability
Product: [Fedora] Fedora Reporter: Ville Skyttä <scop>
Component: wordpressAssignee: John Berninger <john>
Status: CLOSED NEXTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: 6CC: dennis, extras-qa, fedora-security-list
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-12-03 18:22:01 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ville Skyttä 2006-11-04 09:36:05 UTC 
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5705

"Directory traversal vulnerability in plugins/wp-db-backup.php in WordPress
before 2.0.5 allows remote attackers to read arbitrary files via directory
traversal sequences in unspecified parameters related to the backup of fragment
files."

Based on the version number, all FE releases are affected.
Comment 1 Dennis Gilmore 2006-11-17 17:34:00 UTC 
*** Bug 216186 has been marked as a duplicate of this bug. ***
Comment 2 Dennis Gilmore 2006-12-01 04:35:42 UTC 
ping
Comment 3 John Berninger 2006-12-03 18:22:01 UTC 
Patches FC-[456], updated devel to 2.0.5