Re: Wordpress enable-latex plugin Remote File Include Vulnerabilities



On Wed, Nov 23, 2011 at 12:30:58PM +0000, Amir@xxxxxxxx wrote:
a bug in Wordpress enable-latex plugin that allows to us to occur a Remote File Include on a Remote machin.



################################################################################################################################
# #
# Aria Security Team - Persian Network Security #
# #
# http://Aria-Security.Com/forum/ #
# #
################################################################################################################################
# #
# Wordpress enable-latex plugin Remote File Include Vulnerabilities #
# #
# Download......: http://wordpress.org/extend/plugins/enable-latex/ #
# #
# Exploit.......: http://www.site.com/[path]/wp-content/plugins/enable-latex/core.php?url=[Rfi]? #
# #
# Google Search.: "Powered by Wordpress" #
# #
################################################################################################################################
# #
# Bug Found.....: Aria-Security #
# #
# discovery.....: Am!r (IrIsT?) #
# #
# contact.......: Amir[at]IrIsT.ir #
# #
# SP TNX........: The-0utl4w & A.u.r.A & B3HZ4D & m3hdi & joker_s & all IrIsT And Aria-security members #
# #
################################################################################################################################

Amir please stop posting to bugtraq. This was third false-positive or you are testing with unsecure www-server/browser. If you for example had global_register disabled you should say this in your advisory so people don't worry for nothing. This also creates negative reputation to plugins without no good reason. You also don't follow good policy to notify vendors before posting to public mailing-list. They should have few weeks to months of time to fix these issues and coordinate if necessary.

http://wordpress.org/support/topic/plugin-enable-latex-false-positive-remote-file-include-vulnerability

Please note that I am not trying to be offensive here. You should definately continue your research and intrest in information security. Please contact me if you need verification of issues. I am more than happy to help you!

- Henri Salo