[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Wordpress security update

Hi Markus,
  I nearly missed this one. If you go to WPScan[1] which is a great resource it says it is versions 4.7.0-4.7.2 only which implies that jessie is not impacted.

However, I also go look at the 4.1 changesets on the upstream[2] as they have done all the hard work (mainly) of backporting the patches to jessie or at least a generic 4.1 wordpress. Within that you will see changeset 40176[3] which is the 4.1 verison of 40169 which is the changeset for this patch in the 4.7 branch.

So my whole rationale for adding this one in and going against what WPScan said is purely 40176 is in the 4.1 branch of the upstreams svn. Looking at the relevant file it does look like it does things and not dead or unreachable code, so I think 4.1 is vulnerable, but PHP code is horrible to debug for that sort of thing.

 - Craig

1: https://wpvulndb.com/
2: https://core.trac.wordpress.org/log/branches/4.1
3: https://core.trac.wordpress.org/changeset/40176/branches/4.1

Craig Small (@smallsees)   http://dropbear.xyz/     csmall at : enc.com.au
Debian GNU/Linux           http://www.debian.org/   csmall at : debian.org
GPG fingerprint:        5D2F B320 B825 D939 04D2  0519 3938 F96B DF50 FEA5

Reply to: