* Florian Weimer: > * Kai Hendry: > >> On 2005-10-26T00:40-0700 Matt Mullenweg wrote: >>> >I need a Wordpress release with the updated "Snoopy version 1.2.1. ASAP. >>> Could you confirm this affects WP? We use an older version of Snoopy >>> that has been modified, and the only calls to it are hard-coded RSS >>> feeds, so I don't think this would actually be exploitable. >> >> I don't have time to check this out. The exploit seems to require snoopy >> to be subclassed by something and then a direct argument fed to it. > > I'm not sure if this is true in general, but since offsiteok is not > set, this seems to be correct in the Wordpress case. Since the only > strings which are given to Snoopy start with "http://", Wordpress > should be on the safe side.
I shoud point out that "SEC Consult Research", the initial reporter, does not agree with my analysis. They claim it's still exploitable in Wordpress. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]