CVE-2014-5205 – WordPress Core < 3.9.2 - Brute Force of Cross-Site Request Forgery Tokens
https://notcve.org/view.php?id=CVE-2014-5205
wp-includes/pluggable.php in WordPress before 3.9.2 does not use delimiters during concatenation of action values and uid values in CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force attack. wp-includes/pluggable.php en WordPress anterior a 3.9.2 no utiliza delimitadores durante la concatenación de los valores de acción y los valores uid en los tokens CSRF, lo que facilita a aqtacantes remotos evadir un mecanismo de protección CSRF a través de un ataque de fuerza bruta. • http://openwall.com/lists/oss-security/2014/08/13/3 http://www.debian.org/security/2014/dsa-3001 https://core.trac.wordpress.org/changeset/29408 https://wordpress.org/news/2014/08/wordpress-3-9-2 • CWE-352: Cross-Site Request Forgery (CSRF) CWE-862: Missing Authorization •
CVE-2014-5204 – WordPress Core < 3.9.2 - Cross-Site Request Forgery Protection Bypass
https://notcve.org/view.php?id=CVE-2014-5204
wp-includes/pluggable.php in WordPress before 3.9.2 rejects invalid CSRF nonces with a different timing depending on which characters in the nonce are incorrect, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force attack. wp-includes/pluggable.php en WordPress anterior a 3.9.2 rechaza cadenas de caracteres de un sólo uso CSRF inválidos con diferencias de tiempo dependiendo de qué caracteres en la cadena de caracteres de un sólo uso sean incorrectos, lo que facilita a atacantes remotos evadir un mecanismo de protección CSRF a través de un ataque de fuerza bruta. • http://openwall.com/lists/oss-security/2014/08/13/3 http://www.debian.org/security/2014/dsa-3001 https://core.trac.wordpress.org/changeset/29384 https://wordpress.org/news/2014/08/wordpress-3-9-2 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2014-5266 – WordPress Core < 3.9.2 - Denial of Service via XML #2
https://notcve.org/view.php?id=CVE-2014-5266
The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, does not limit the number of elements in an XML document, which allows remote attackers to cause a denial of service (CPU consumption) via a large document, a different vulnerability than CVE-2014-5265. La libraría Incutio XML-RPC (IXR) , utilizado en WordPress anterior a 3.9.2 y Drupal 6.x anterior a 6.33 y 7.x anterior a 7.31, no limita el número de elementos en un documento XML, lo que permite a atacantes remotos causar una denegación de servicio (consumo de CPU) a través de un documento grande, una vulnerabilidad diferente a CVE-2014-5265. Wordpress XMLRPC parsing is vulnerable to a XML based denial of service. This vulnerability affects Wordpress 3.5 - 3.9.2 (3.8.4 and 3.7.4 are also patched). • http://cgit.drupalcode.org/drupal/diff/includes/xmlrpc.inc?id=1849830 http://cgit.drupalcode.org/drupal/diff/modules/openid/xrds.inc?id=1849830 http://www.debian.org/security/2014/dsa-2999 http://www.debian.org/security/2014/dsa-3001 https://core.trac.wordpress.org/changeset/29404 https://wordpress.org/news/2014/08/wordpress-3-9-2 https://www.drupal.org/SA-CORE-2014-004 http://www.breaksec.com/?p=6362 https://mashable.com/archive/wordpress-xml-blowup-dos • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •
CVE-2014-5265 – WordPress Core < 3.9.2 - Denial of Service via XML
https://notcve.org/view.php?id=CVE-2014-5265
The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. La librería Incutio XML-RPC (IXR), utilizada en WordPress anterior a 3.9.2 y Drupal 6.x anterior a 6.33 y 7.x anterior a 7.31, permite declaraciones de entidad sin considerar la recursión durante la expansión de la entidad, lo que permite a atacantes remotos causar una denegación de servicios (consumo de memoria y CPU) a través de un documento XML manipulado que contiene un número grande de referencias de entidad anidadas, un problema similar al CVE-2003-1564. • http://cgit.drupalcode.org/drupal/diff/includes/xmlrpc.inc?id=1849830 http://www.debian.org/security/2014/dsa-2999 http://www.debian.org/security/2014/dsa-3001 https://core.trac.wordpress.org/changeset/29404 https://wordpress.org/news/2014/08/wordpress-3-9-2 https://www.drupal.org/SA-CORE-2014-004 • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •
CVE-2014-3841 – Contact Bank – Contact Form Builder for WordPress <= 2.0.19 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2014-3841
Cross-site scripting (XSS) vulnerability in the Contact Bank plugin before 2.0.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the Label field, related to form layout configuration. NOTE: some of these details are obtained from third party information. Vulnerabilidad de XSS en el plugin Contact Bank anterior a 2.0.20 para WordPress permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del campo Label, relacionado con la configuración de diseño de formularios. NOTA: algunos de estos detalles se obtienen de información de terceras partes. • http://secunia.com/advisories/58300 http://wordpress.org/plugins/contact-bank/changelog http://www.securityfocus.com/bid/67334 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •