CVE-2009-3622 - Cryptographic Issues vulnerability in WordPress
Attack vector | NETWORK |
Attack complexity | MEDIUM |
Privileges required | NONE |
Confidentiality impact | NONE |
Integrity impact | NONE |
Availability impact | PARTIAL |
Summary
Algorithmic complexity vulnerability in wp-trackback.php in WordPress before 2.8.5 allows remote attackers to cause a denial of service (CPU consumption and server hang) via a long title parameter in conjunction with a charset parameter composed of many comma-separated "UTF-8" substrings, related to the mb_convert_encoding function in PHP. The script passed the attacker-controlled charset value straight through as the from_encoding argument; PHP accepts a comma-separated list there and checks every candidate encoding against the whole title, so the work done per request grows with the title length multiplied by the number of list entries. Trackbacks are accepted without authentication, so a single unauthenticated POST is enough to trigger it.
Vulnerable Configurations
- WordPress before 2.8.5 (per the summary above)
Common Weakness Enumeration (CWE)
- Cryptographic Issues (CWE-310), as classified on this page. Note that the summary describes an algorithmic-complexity denial of service, not a cryptographic flaw; CWE-407 (Algorithmic Complexity) is the closer match, and the CAPEC entry below follows from the cryptographic classification rather than from the actual bug.
Common Attack Pattern Enumeration and Classification (CAPEC)
- Signature Spoofing by Key Recreation An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Seebug
bulletinFamily | exploit |
description | CVE ID: CVE-2009-3622. WordPress is a free forum/blog system. The wp-trackback.php script in WordPress lets a user submit multiple source character encodings to the mb_convert_encoding() function. If a remote attacker sends an HTTP request containing an overly long title parameter together with a charset parameter made up of many comma-separated "UTF-8" substrings, the request consumes a large amount of CPU. Affected: WordPress < 2.8.5. Vendor patch: WordPress has released an upgrade that fixes this issue; download it from the vendor's site: http://wordpress.org/development/2009/10/wordpress-2-8-5-hardening-release/ |
id | SSV:12520 |
last seen | 2017-11-19 |
modified | 2009-10-27 |
published | 2009-10-27 |
reporter | Root |
source | https://www.seebug.org/vuldb/ssvid-12520 |
title | WordPress Trackback Script Denial of Service Vulnerability |
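To make the failure mode described in the summary and in the Seebug entry concrete, here is an added PHP example written for this page; it is not WordPress code and not the 2.8.5 patch. It places the unsafe call shape beside a hardened one and times both against constructed attacker-style input. The function names, the charset allowlist and the length cap are illustrative choices, not WordPress settings.

```php
<?php
// Added example (not WordPress code): the call shape behind CVE-2009-3622
// next to a hardened version. Names, allowlist and limits are illustrative.

// Vulnerable shape: the caller-supplied charset is used verbatim as the
// from_encoding argument. mb_convert_encoding() accepts a comma-separated
// list there and tests each candidate against the whole input, so the cost
// grows with strlen($title) * (number of entries in $charset).
function convert_title_unsafe(string $title, string $charset): string {
    return mb_convert_encoding($title, 'UTF-8', $charset);
}

// Hardened shape: cap the input size and accept exactly one encoding name,
// matched against an allowlist. Rejecting any comma also avoids the
// ValueError that PHP 8 raises for an unknown encoding name in the list.
const MAX_TITLE_BYTES = 250;                       // illustrative cap
const ALLOWED_CHARSETS = [                          // illustrative allowlist
    'UTF-8', 'ISO-8859-1', 'ISO-8859-15', 'Windows-1252',
    'EUC-JP', 'SJIS', 'GB2312',
];

function convert_title_safe(string $title, string $charset): string {
    if (strlen($title) > MAX_TITLE_BYTES) {
        $title = substr($title, 0, MAX_TITLE_BYTES);
    }
    $charset = trim($charset);
    // A real trackback sends one charset; a list is treated as invalid.
    if ($charset === '' || strpos($charset, ',') !== false) {
        $charset = 'UTF-8';
    }
    $canonical = 'UTF-8';                           // default on no match
    foreach (ALLOWED_CHARSETS as $allowed) {
        if (strcasecmp($allowed, $charset) === 0) {
            $canonical = $allowed;
            break;
        }
    }
    return mb_convert_encoding($title, 'UTF-8', $canonical);
}

// Wall-clock cost of one conversion, in seconds.
function timed(callable $fn, string $title, string $charset): float {
    $t0 = microtime(true);
    $fn($title, $charset);
    return microtime(true) - $t0;
}

// Constructed attacker-style input, shaped as the advisory describes:
// a long title plus a charset made of many comma-separated "UTF-8" entries.
$title   = str_repeat('A', 100000);
$charset = implode(',', array_fill(0, 2000, 'UTF-8'));

printf("unsafe (list passed through): %.3fs\n", timed('convert_title_unsafe', $title, $charset));
printf("safe   (single allowlisted):  %.3fs\n", timed('convert_title_safe',   $title, $charset));
```

Run it with `php example.php`. How much slower the unsafe call is depends on the mbstring implementation in your PHP build; increasing the 2000 and 100000 figures together shows whether the cost still scales with both, which is the property that made the original trackback endpoint exploitable. The hardening choices that matter are the ones the 2.8.5 advisory points at: never forward a caller-chosen encoding list to the converter, and bound the size of the text you convert.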
References
- http://codes.zerial.org/php/wp-trackbacks_dos.phps
- http://marc.info/?l=oss-security&m=125612393329041&w=2
- http://marc.info/?l=oss-security&m=125614592004825&w=2
- http://rooibo.wordpress.com/2009/10/17/agujero-de-seguridad-en-wordpress/
- http://seclists.org/fulldisclosure/2009/Oct/263
- http://secunia.com/advisories/37088
- http://security-sh3ll.blogspot.com/2009/10/wordpress-resource-exhaustion-denial-of.html
- http://securitytracker.com/id?1023072
- http://wordpress.org/development/2009/10/wordpress-2-8-5-hardening-release/
- http://www.osvdb.org/59077
- http://www.vupen.com/english/advisories/2009/2986
- https://bugzilla.redhat.com/show_bug.cgi?id=530056
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53884