oss-sec mailing list archives
CVE Request: W3 Total Cache - public cache exposure
From: "Jason A. Donenfeld" <Jason () zx2c4 com>
Date: Fri, 28 Dec 2012 09:04:49 +0100
Hi Kurt, W3 Total Cache: http://wordpress.org/extend/plugins/w3-total-cache/ CVE request for three separate issues: 1. Cache allows directory listing of hash-key listings, exposing hash keys. 2. Hash keys are easily predictable, in the case of (1) not existing. 3. Cached database values are downloadable by their hash keys on the public internet, exposing sensitive information like password hashes. Fixing (3) mitigates (1) and (2), so assign this either three CVEs or one CVE. Source: http://seclists.org/fulldisclosure/2012/Dec/242 The vendor, copied on this email, currently has not issued a fix. Thanks, Jason
Current thread:
- CVE Request: W3 Total Cache - public cache exposure Jason A. Donenfeld (Dec 28)
- Re: CVE Request: W3 Total Cache - public cache exposure Kurt Seifried (Dec 28)
- Re: CVE Request: W3 Total Cache - public cache exposure Jason A. Donenfeld (Dec 29)
- Re: CVE Request: W3 Total Cache - public cache exposure Jason A. Donenfeld (Dec 29)
- Re: CVE Request: W3 Total Cache - public cache exposure Kurt Seifried (Dec 29)
- Re: CVE Request: W3 Total Cache - public cache exposure Jason A. Donenfeld (Dec 29)
- Re: CVE Request: W3 Total Cache - public cache exposure Kurt Seifried (Dec 28)