Veracode Vulnerability DatabaseVERACODE:7103

HistoryJul 19, 2018 - 5:28 a.m.

Directory Traversal

2018-07-1905:28:58

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

JSON

wordpress is vulnerable to denial of service (DoS) attacks. The vulnerability exists in wp-includes/class-phpass.php where a large password can be used to attempt to cause DoS attacks in a password protected post.

CPENameOperatorVersion
johnpbloch/wordpress-corele3.5.1

CPE	Name	Operator	Version
	johnpbloch/wordpress-core	le	3.5.1

References

archives.neohapsis.com/archives/bugtraq/2013-06/0052.html

codex.wordpress.org/Version_3.5.2

openwall.com/lists/oss-security/2013/06/12/2

wordpress.org/news/2013/06/wordpress-3-5-2/

www.debian.org/security/2013/dsa-2718

github.com/WordPress/WordPress/commit/ccf39f33c91885334d643ce155afae12466f9417

github.com/wpscanteam/wpscan/issues/219

vndh.net/note:wordpress-351-denial-service

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

JSON

Related for VERACODE:7103