wordpress does not properly verify that the m parameter value has the string
data type, which allows remote attackers to obtain sensitive information via
an invalid m parameter, as demonstrated by obtaining the path, and
obtaining certain SQL information such as the table prefix.
WordPress before 2.1 allows remote attackers to cause a denial of service
(bandwidth or thread consumption) via pingback service calls with a source
URI that corresponds to a large file, which triggers a long download session
without a timeout constraint.
WordPress allows remote attackers to determine the existence of arbitrary
files, and possibly read portions of certain files, via pingback service
calls with a source URI that corresponds to a local pathname, which triggers
different fault codes for existing and non-existing files, and in certain
configurations causes a brief file excerpt to be published as a blog comment.
Please note that wordpress is not present in sarge.
For the testing distribution (etch) this is fixed in version 2.0.8-1
For the unstable distribution (sid) this is fixed in version 2.1.0-1
This upgrade is recommended if you use wordpress.
If you have the secure testing lines in your sources.list, you can update by running this command as root:
apt-get update && apt-get install wordpress
To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:
deb http://security.debian.org/ testing/updates main contrib non-free
deb-src http://security.debian.org/ testing/updates main contrib non-free