CVE-2008-5695 Details

Published: 2008-12-19
Last Modified: 2017-09-29
CVE Author: NIST National Vulnerability Database
CVE Assigner: cve@mitre.org
Summary

wp-admin/options.php in WordPress MU before 1.3.2, and WordPress 2.3.2 and earlier, does not properly validate requests to update an option, which allows remote authenticated users with manage_options and upload_files capabilities to execute arbitrary code by uploading a PHP script and adding this script's pathname to active_plugins.

Analysis
Common Vulnerability Score System v2.0

Severity: High
Base Score: 8.5/10
Exploit Score: 6.8/10
Access Vector: Network
Access Complexity: Medium
Authentication: Single
Impact Score: 10/10
Confidentiality Impact: Complete
Availability Impact: Complete
Integrity Impact: Complete
Vector String: AV:N/AC:M/Au:S/C:C/I:C/A:C

Common Vulnerability Score System v3.1

NIST has not assigned a CVSSv3.1 Score.

Products Reported
CPE Vulnerable Start Excluding
cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:0.6.2:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:0.6.2:beta_2:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:0.6.2.1:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:0.6.2.1:beta_2:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:0.7:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:0.71-gold:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:0.72:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:0.72:beta1:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:0.72:beta2:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:0.72:rc1:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:0.711:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.0:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.0-platinum:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.0.1:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.0.1-miles:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.0.2:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.0.2-blakey:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.2:beta:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.2-delta:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.2-mingus:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.3.1:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.4:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.5-strayhorn:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.5.1.1:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:1.6:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.0.7:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.0.8:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.0.9:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.0.10:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.0.10_rc1:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.0.10_rc2:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.0.11:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.1:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.1:alpha_3:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.1.1:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.1.3:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.1.3_rc1:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.1.3_rc2:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.2:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.2.0:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.2.1:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.2.2:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.2.3:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.3:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.3.1:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:2.3.1:rc1:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress_mu:1.0:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress_mu:1.2.2:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress_mu:1.2.3:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress_mu:1.3:*:*:*:*:*:*:* Yes - -
cpe:2.3:a:wordpress:wordpress_mu:*:*:*:*:*:*:*:* Yes - -
References

http://mu.wordpress.org/forums/topic.php?id=7534&page&replies=1
http://secunia.com/advisories/28789
http://securityreason.com/securityalert/4798
http://www.buayacorp.com/files/wordpress/wordpress-mu-options-overwrite.html
http://www.buayacorp.com/files/wordpress/wp-blog-option-overwrite.txt
http://www.securityfocus.com/bid/27633
https://www.exploit-db.com/exploits/5066

PCI Compliance: Fail
US-CERT Alert: No
CWE: CWE-20
