[Secure-testing-team] [Secure-testing-commits] r12571 - in data: . CVE
Michael S. Gilbert
michael.s.gilbert at gmail.com
Tue Aug 11 20:55:18 UTC 2009
On Tue, 11 Aug 2009 20:45:32 +0000, Giuseppe Iuculano wrote:
> Author: derevko-guest
> Date: 2009-08-11 20:45:32 +0000 (Tue, 11 Aug 2009)
> New Revision: 12571
>
> Modified:
> data/CVE/list
> data/ospu-candidates.txt
> data/spu-candidates.txt
> Log:
> etch and lenny are not affected by wordpress password reset issue
are you sure about this? i had checked lenny, and saw the vulnerable
bit of code in wp-login.php.
note that same code is also present in
wp-content/plugins/akismet/akismet.php.
mike
More information about the Secure-testing-team
mailing list