Message-ID: <5178A7A9.3060500@redhat.com>
Date: Wed, 24 Apr 2013 21:48:57 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: Open Source Security <oss-security@...ts.openwall.com>, donncha@...oimh.ie,
        security@...dpress.org
Subject: WP-Super-Cache 1.3.1 Remote Code Exec - properly fixed?

So it turns out the attempted fix for CVE-2013-2009 was incomplete. To
quote reddit:

"Erm, you forgot about escaping markdown metachars. Here, the fixed
version, edit it in: \*\^_\^\*"

http://www.reddit.com/r/netsec/comments/1czzyx/update_wp_super_cache_and_w3tc_immediately_remote/c9lvxn8

And to quote the WP-Super-Cache 1.3.2 ChangeLog:

+= 1.3.2 =


+* Any mfunc/mclude/dynamic-cached-content tags in comments are now
removed.

So please use CVE-2013-2011 for this issue.

NOTE: this issue exists because of an incomplete fix for CVE-2013-2009.

-- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
