Package: wordpress
Version: 1.5.2-2
Severity: grave
Justification: user security hole
As described upon the following bugtraq post the class Snoopy which
is included in wordpress potentially allows arbitary command execution.
http://seclists.org/lists/fulldisclosure/2005/Oct/0536.html
The class is contained within the wordpress distribution - although
I haven't explicitly told them yet, I leave it to you to give them
a nod.
Steve
--
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-k7
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
