ThreatPress

WordPress Vulnerabilities Database

WordPress <= 2.6.1 - SQL Truncation Vulnerability #2

Product: WordPress

Description
An attacker can reset an arbitrary user's password to a random value by registering a similar username and then requesting a password reset for it. This is a SQL column truncation vulnerability: WordPress does not handle the MySQL warning raised when an inserted username is longer than the maximum width of the user_login column (the value is silently cut to fit), and it does not handle space characters correctly when comparing usernames, so the truncated name is treated as equal to the existing one.
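The mechanism above, as an added example that is not WordPress's or ThreatPress's code: a pure-Python model of the two MySQL behaviours the description names (silent truncation with only a warning in non-strict mode, and trailing-space-insensitive comparison under a PAD SPACE collation), followed by the registration-side checks that close the gap. The 60-character column width, the class and function names, and the sample usernames are assumptions constructed for the example; nothing here talks to a real database.

```python
# Added example (not WordPress code): models the MySQL behaviours behind
# CVE-2008-4106 in pure Python so it runs offline, then shows the checks a
# registration handler needs.  The column width of 60 is an assumption.

USER_LOGIN_WIDTH = 60  # assumed width of the user_login varchar column


def mysql_nonstrict_store(value, width=USER_LOGIN_WIDTH):
    """Model of a non-strict MySQL INSERT: an over-long string is cut to the
    column width and only a warning is raised, which a client may ignore."""
    warnings = []
    if len(value) > width:
        warnings.append("1265 Data truncated for column 'user_login'")
        value = value[:width]
    return value, warnings


def mysql_pad_space_equal(a, b):
    """Model of string equality under a PAD SPACE collation: trailing spaces
    are not significant, so 'admin' and 'admin   ' compare equal."""
    return a.rstrip(" ") == b.rstrip(" ")


class UserTable:
    """Tiny stand-in for the users table; `strict` mirrors whether the
    application treats a truncation warning as an error."""

    def __init__(self, strict):
        self.strict = strict
        self.logins = []

    def insert(self, login):
        stored, warnings = mysql_nonstrict_store(login)
        if self.strict and warnings:
            raise ValueError("refusing to store a truncated username: " + warnings[0])
        self.logins.append(stored)
        return stored

    def find(self, login):
        """Lookup with PAD SPACE semantics; returns every matching row."""
        return [u for u in self.logins if mysql_pad_space_equal(u, login)]


def validate_username(candidate, width=USER_LOGIN_WIDTH):
    """Application-side check the patched flow needs: the name must fit the
    column unchanged and must not carry surrounding spaces that a PAD SPACE
    comparison would ignore.  Returns None when acceptable, else the reason."""
    if candidate != candidate.strip():
        return "leading or trailing whitespace"
    if len(candidate) > width:
        return f"longer than {width} characters"
    return None


def register(table, candidate):
    """Hardened registration: validate first, then insert with warnings fatal
    (defence in depth in case validation and column width ever disagree)."""
    reason = validate_username(candidate)
    if reason is not None:
        return None, reason
    if table.find(candidate):
        return None, "username already taken"
    return table.insert(candidate), None


def demo():
    # Constructed name: 'admin' padded with spaces past the column width,
    # then one extra character so it is not literally 'admin'.
    lookalike = "admin" + " " * (USER_LOGIN_WIDTH - len("admin")) + "x"

    legacy = UserTable(strict=False)
    legacy.insert("admin")
    legacy.insert(lookalike)            # stored truncated, warning ignored
    collisions = legacy.find("admin")   # both rows match under PAD SPACE

    hardened = UserTable(strict=True)
    hardened.insert("admin")
    stored, reason = register(hardened, lookalike)
    return len(collisions), stored, reason


if __name__ == "__main__":
    print(demo())  # (2, None, 'longer than 60 characters')
```

The two defences are independent: `validate_username` rejects the input before it reaches SQL, and the strict table refuses to keep any row the database reported as truncated, which is the check the description says the vulnerable version skipped. In a real deployment the equivalent of the second check is running MySQL in strict SQL mode or inspecting warnings after every INSERT.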
Solution: Update WordPress.

Classification
Type: SQL Injection
OWASP Top 10: A1 Injection

References
CVE: CVE-2008-4106 (Mitre)

Versions
Affected in: <= 2.6.1
Fixed in: 2.6.2

Disclosure date: 2008-09-15

Credits: Hanno Böck