File: 009CVE2007-1599.patch

wordpress 2.0.10-1etch6
#! /bin/sh /usr/share/dpatch/dpatch-run
## CVE-2007-1599.dpatch by  <andrea.de.iacov@gmail.com>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Fixes CVE-2007-1599, the wp-login.php redirect vulnerability

@DPATCH@

--- wordpress/wp-login.php	2008-05-07 00:54:10.000000000 +0200
+++ wordpress/wp-login.php	2008-05-07 00:57:45.000000000 +0200
@@ -168,6 +168,8 @@
 	$using_cookie = false;
 	if ( !isset( $_REQUEST['redirect_to'] ) || is_user_logged_in() )
 		$redirect_to = 'wp-admin/';
+	else if (preg_match('/:\/\//', $_REQUEST['redirect_to']) > 0)
+		$redirect_to = 'wp-admin/';
 	else
 		$redirect_to = $_REQUEST['redirect_to'];
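Review bot: The added `else if` falls back to `wp-admin/` only when `redirect_to` contains the literal `://`, which is a denylist on one spelling of an absolute URL rather than a positive check that the target is local, so any off-site form without that substring still reaches the final `else` unchanged. A stricter guard accepts only the expected shape and rejects everything else, for example `else if (!preg_match('#^wp-admin/[\w./?=&%-]*$#', $_REQUEST['redirect_to']))`, assuming all legitimate targets live under `wp-admin/` (that needs confirming against the callers). Since the first and second branches assign the same value, the test could also be folded into the first `if` with `||`, with a comment such as `// only same-site relative targets are honoured; anything else falls back to wp-admin/`. The enclosing block starts before the hunk and the place where `$redirect_to` is consumed is not visible here, so whether a later check covers this cannot be told from this patch.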