Fedora 27 : wordpress (2018-d48955723f)

🗓️ 16 Apr 2018 00:00:00Reported by TenableType
WordPress 4.9.5 Security and Maintenance Release includes fixes for three security issues and 25 other bugs, as well as improved compatibility with PHP 7.2
Source	Link
bodhi	www.bodhi.fedoraproject.org/updates/FEDORA-2018-d48955723f
hackerone	www.hackerone.com/nitstorm
nessus	www.nessus.org/u
profiles	www.profiles.wordpress.org/xknown
twitter	www.twitter.com/voldemortensen
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory FEDORA-2018-d48955723f.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(109049);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_xref(name:"FEDORA", value:"2018-d48955723f");

  script_name(english:"Fedora 27 : wordpress (2018-d48955723f)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"**WordPress 4.9.5 Security and Maintenance Release**

WordPress 4.9.5 is now available. This is a security and maintenance
release for all versions since WordPress 3.7. We strongly encourage
you to update your sites immediately.

WordPress versions 4.9.4 and earlier are affected by three security
issues. As part of the core team's ongoing commitment to security
hardening, the following fixes have been implemented in 4.9.5 :

  - Don't treat localhost as same host by default.

  - Use safe redirects when redirecting the login page if
    SSL is forced.

  - Make sure the version string is correctly escaped for
    use in generator tags.

Thank you to the reporters of these issues for practicing
&#xFEFF;[coordinated security
disclosure](https://make.wordpress.org/core/handbook/testing/reporting
-security-vulnerabilities/):
[xknown](https://profiles.wordpress.org/xknown) of the WordPress
Security Team, [Nitin Venkatesh
(nitstorm)](https://hackerone.com/nitstorm), and [Garth
Mortensen](https://twitter.com/voldemortensen) of the WordPress
Security Team.

Twenty-five other bugs were fixed in WordPress 4.9.5. Particularly of
note were :

  - The previous styles on caption shortcodes have been
    restored.

  - Cropping on touch screen devices is now supported.

  - A variety of strings such as error messages have been
    updated for better clarity.

  - The position of an attachment placeholder during uploads
    has been fixed.

  - Custom nonce functionality in the REST API JavaScript
    client has been made consistent throughout the code
    base.

  - Improved compatibility with PHP 7.2.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-d48955723f"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://hackerone.com/nitstorm"
  );
  # https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?60126fdc"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://profiles.wordpress.org/xknown"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://twitter.com/voldemortensen"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected wordpress package."
  );
  script_set_attribute(attribute:"risk_factor", value:"High");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:wordpress");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:27");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/04/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/04/16");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! preg(pattern:"^27([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 27", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);


flag = 0;
if (rpm_check(release:"FC27", reference:"wordpress-4.9.5-1.fc27")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "wordpress");
}
06 Jan 2021 00:00Current
5.6Medium risk
Vulners AI Score5.6