Vulnerability CVE-2006-6808 - CERT Civis.Net

Vulnerability Name:

CVE-2006-6808 (CCN-31133)

Assigned:

2006-12-26

Published:

2006-12-26

Updated:

2017-07-29

Summary:

Cross-site scripting (XSS) vulnerability in wp-admin/templates.php in WordPress 2.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter.
Note: some sources have reported this as a vulnerability in the get_file_description function in wp-admin/admin-functions.php.
This vulnerability is addressed in the following product release:
WordPress, WordPress, 2.0.6

CVSS v3 Severity:

3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N)
2.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2006-6808

Source: FULLDISC
Type: UNKNOWN
20061227 WordPress Persistent XSS

Source: MISC
Type: Exploit, Patch
http://michaeldaw.org/

Source: CCN
Type: Operation n Web site
WordPress Persistent XSS

Source: CCN
Type: SA23587
WordPress "file" Script Insertion Vulnerability

Source: SECUNIA
Type: UNKNOWN
23587

Source: SECUNIA
Type: UNKNOWN
23741

Source: GENTOO
Type: UNKNOWN
GLSA-200701-10

Source: CCN
Type: WordPress Changeset 4665
WordPress

Source: CONFIRM
Type: UNKNOWN
http://trac.wordpress.org/changeset/4665

Source: CCN
Type: GLSA-200701-10
WordPress: Multiple vulnerabilities

Source: CCN
Type: OSVDB ID: 31578
WordPress templates.php file Parameter XSS

Source: BID
Type: Patch
21782

Source: CCN
Type: BID-21782
Wordpress Template.PHP HTML Injection Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2006-5191

Source: XF
Type: UNKNOWN
wordpress-getfiledescription-xss(31133)

Source: XF
Type: UNKNOWN
wordpress-getfiledescription-xss(31133)

Vulnerable Configuration:

Configuration 1:

cpe:/a:wordpress:wordpress:0.6.2:beta_2:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:0.6.2.1:beta_2:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:0.7:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:0.71:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:1.2:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:1.5:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.0:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.0.1:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.0.3:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:*:*:*:*:*:*:*:* (Version <= 2.0.5)

Configuration CCN 1:

cpe:/a:wordpress:wordpress:2.0.5:-:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

Denotes that component is vulnerable