FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

wordpress -- remote privilege escalation

Affected packages
de-wordpress < 2.6.2
wordpress < 2.6.2
wordpress-mu < 2.6.2
zh-wordpress > 0

Details

VuXML ID 884fced7-7f1c-11dd-a66a-0019666436c2
Discovery 2008-09-08
Entry 2008-10-22
Modified 2010-05-12

The WordPress development team reports:

With open registration enabled, it is possible in WordPress versions 2.6.1 and earlier to craft a username such that it will allow resetting another user's password to a randomly generated password. The randomly generated password is not disclosed to the attacker, so this problem by itself is annoying but not a security exploit. However, this attack coupled with a weakness in the random number seeding in mt_rand() could be used to predict the randomly generated password.
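
The second half of that report, a generated password that is never shown to the attacker yet still predictable because the generator's seed is guessable, is the part worth seeing in code. The following is an added illustration written for this entry; it is not WordPress or FreeBSD code and does not reproduce PHP's mt_rand() seeding or the username-crafting step, neither of which is detailed above. Python's random.Random is the same Mersenne Twister family as mt_rand(), so it stands in for it. The seed window, alphabet, password length and the try_login oracle are all constructed assumptions.

```python
"""Why a guessable seed defeats a 'random' reset password.

Constructed example for this advisory (not WordPress code). The weak generator
is a Mersenne Twister seeded from a low-entropy integer; the attacker never
sees the password, but can regenerate every candidate the server could have
produced and test each one against the login form.
"""
import math
import random
import secrets
import string
from typing import Callable, Optional, Tuple

ALPHABET = string.ascii_letters + string.digits + "!@#$%^&*()"  # 72 symbols (assumed)
PASSWORD_LENGTH = 12                                             # assumed length


def weak_generate_password(seed: int, length: int = PASSWORD_LENGTH) -> str:
    """Weak pattern: MT19937 seeded from a value the attacker can narrow down
    (here an integer standing in for e.g. the request time). The output is a
    pure function of the seed, so guessing the seed yields the password."""
    rng = random.Random(seed)
    return "".join(ALPHABET[rng.randrange(len(ALPHABET))] for _ in range(length))


def strong_generate_password(length: int = PASSWORD_LENGTH) -> str:
    """Hardened form: draw each symbol from the OS CSPRNG. There is no seed
    for an attacker to recover."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def recover_password(try_login: Callable[[str], bool],
                     seed_low: int, seed_high: int) -> Tuple[int, Optional[str]]:
    """Attacker side. For every seed in the window the server might have used,
    regenerate the candidate password and test it with try_login (a model of
    the site's login form). Returns (login attempts made, password or None)."""
    attempts = 0
    for seed in range(seed_low, seed_high + 1):
        attempts += 1
        candidate = weak_generate_password(seed)
        if try_login(candidate):
            return attempts, candidate
    return attempts, None


def search_space_bits(window: int) -> Tuple[float, float]:
    """log2 of the guessing work: one guess per possible seed for the weak
    generator, versus a uniformly random password of the same length."""
    weak = math.log2(window)
    strong = PASSWORD_LENGTH * math.log2(len(ALPHABET))
    return weak, strong


if __name__ == "__main__":
    # Constructed scenario: the attacker triggers the reset and knows the
    # server's seed to within +/- 30, i.e. a 61-seed window.
    reset_seed = 1_222_000_000  # fictitious seed value
    victim_password = weak_generate_password(reset_seed)
    attempts, found = recover_password(lambda c: c == victim_password,
                                       reset_seed - 30, reset_seed + 30)
    print(f"recovered after {attempts} login attempts: {found == victim_password}")
    weak_bits, strong_bits = search_space_bits(61)
    print(f"weak: ~{weak_bits:.1f} bits of work, CSPRNG: ~{strong_bits:.1f} bits")
```

The point of the example is the gap between the two figures search_space_bits returns: with a seed the attacker can bracket, the "random" password costs about as many login attempts as there are plausible seeds, while a CSPRNG-generated password of the same length costs on the order of 2^74 guesses. Rate-limiting the login form helps, but the fix WordPress shipped in 2.6.2 addressed the generator itself, which is the right layer.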

References

Bugtraq ID 31068
CVE Name CVE-2008-4107
URL http://wordpress.org/development/2008/09/wordpress-262/