213985 – CVE-2006-5705: wordpress < 2.0.5 directory traversal vulnerability

Bug 213985 - CVE-2006-5705: wordpress < 2.0.5 directory traversal vulnerability

Summary: CVE-2006-5705: wordpress < 2.0.5 directory traversal vulnerability

Keywords:
Status:	CLOSED NEXTRELEASE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	wordpress
Sub Component:
Version:	6
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	John Berninger
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	216186 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2006-11-04 09:36 UTC by Ville Skyttä
Modified:	2007-11-30 22:11 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2006-12-03 18:22:01 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Ville Skyttä 2006-11-04 09:36:05 UTC

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5705

"Directory traversal vulnerability in plugins/wp-db-backup.php in WordPress
before 2.0.5 allows remote attackers to read arbitrary files via directory
traversal sequences in unspecified parameters related to the backup of fragment
files."

Based on the version number, all FE releases are affected.

Comment 1 Dennis Gilmore 2006-11-17 17:34:00 UTC

*** Bug 216186 has been marked as a duplicate of this bug. ***

Comment 2 Dennis Gilmore 2006-12-01 04:35:42 UTC

ping

Comment 3 John Berninger 2006-12-03 18:22:01 UTC

Patches FC-[456], updated devel to 2.0.5

Note You need to log in before you can comment on or make changes to this bug.