Vulnerability CVE-2009-2336 - CERT Civis.Net

Vulnerability Name:

CVE-2009-2336 (CCN-51619)

Assigned:

2009-07-08

Published:

2009-07-08

Updated:

2018-11-08

Summary:

The forgotten mail interface in WordPress and WordPress MU before 2.8.1 exhibits different behavior for a password request depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
Note: the vendor reportedly disputes the significance of this issue, indicating that the behavior exists for "user convenience."

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Obtain Information

References:

Source: CCN
Type: CORE-2009-0515
WordPress Privileges Unchecked in admin.php and Multiple Information Disclosures

Source: MISC
Type: Exploit, Patch, Third Party Advisory
http://corelabs.coresecurity.com/index.php?action=view&type=advisory&name=WordPress_Privileges_Unchecked

Source: MITRE
Type: CNA
CVE-2009-2336

Source: CCN
Type: SECTRACK ID: 1022528
WordPress Bugs Permit Cross-Site Scripting and Information Disclosure Attacks

Source: SECTRACK
Type: Patch, Third Party Advisory, VDB Entry
1022528

Source: CCN
Type: WordPress Web site
WordPress

Source: EXPLOIT-DB
Type: Third Party Advisory, VDB Entry
9110

Source: OSVDB
Type: Broken Link, Patch
55714

Source: CCN
Type: OSVDB ID: 55714
WordPress Forgotten Mail Interface New Password Request User Enumeration

Source: BUGTRAQ
Type: Third Party Advisory, VDB Entry
20090708 CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information

Source: BID
Type: Third Party Advisory, VDB Entry
35581

Source: CCN
Type: BID-35581
WordPress Multiple Existing/Non-Existing Username Enumeration Weaknesses

Source: VUPEN
Type: Patch, Third Party Advisory
ADV-2009-1833

Source: XF
Type: UNKNOWN
wordpress-forgottenmail-info-disclosure(51619)

Source: FEDORA
Type: Third Party Advisory
FEDORA-2009-8529

Source: FEDORA
Type: Third Party Advisory
FEDORA-2009-8538

Source: FEDORA
Type: Third Party Advisory
FEDORA-2009-7701

Source: FEDORA
Type: Third Party Advisory
FEDORA-2009-7729

Vulnerable Configuration:

Configuration 1:

cpe:/a:wordpress:wordpress:*:*:*:*:*:*:*:* (Version < 2.8.1)

OR cpe:/a:wordpress:wordpress_mu:*:*:*:*:*:*:*:* (Version < 2.8.1)

Configuration CCN 1:

cpe:/a:wordpress:wordpress:2.0.1:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.0.3:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.0.5:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.0.6:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.1.1:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.1.2:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.1.3:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.2:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.2.1:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.3:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.0.9:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.0.11:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.3.2:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.3.3:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.3.1:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.2.3:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.2.2:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.0.10:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.0.7:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.1.3:rc2:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.1.3:rc1:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.1:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.5:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.0.10:rc1:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.0.10:rc2:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.0.8:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.5.1:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.6:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.6.1:-:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.6.2:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.2.0:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.1:alpha_3:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.3.1:rc1:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress_mu:2.6:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress_mu:2.7:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress:2.6.5:*:*:*:*:*:*:*

OR cpe:/a:wordpress:wordpress_mu:2.7.1:*:*:*:*:*:*:*

Denotes that component is vulnerable