6.4
CVSSv2

CVE-2014-9038

Published: 25/11/2014 Updated: 05/10/2015
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
VMScore: 570
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Vulnerability Summary

wp-includes/http.php in WordPress prior to 3.7.5, 3.8.x prior to 3.8.5, 3.9.x prior to 3.9.3, and 4.x prior to 4.0.1 allows remote malicious users to conduct server-side request forgery (SSRF) attacks by referring to a 127.0.0.0/8 resource.

Affected Products

Vendor Product Versions
WordpressWordpress3.7.4, 3.8, 3.8.1, 3.8.2, 3.8.3, 3.8.4, 3.9, 3.9.1, 3.9.2, 4.0

Vendor Advisories

Debian Bug report logs - #770425 wordpress: CVE-2014-9031 CVE-2014-9032 CVE-2014-9033 CVE-2014-9034 CVE-2014-9035 CVE-2014-9036 CVE-2014-9037 CVE-2014-9038 CVE-2014-9039 (issues fixed in 401 security release) Package: src:wordpress; Maintainer for src:wordpress is Craig Small <csmall@debianorg>; Reported by: Salvatore Bona ...
Debian Bug report logs - #783554 wordpress: New critical security release available: 421 (CVE-2015-3440) Package: src:wordpress; Maintainer for src:wordpress is Craig Small <csmall@debianorg>; Reported by: Craig Small <csmall@debianorg> Date: Mon, 27 Apr 2015 22:24:02 UTC Severity: important Tags: security Found ...
Debian Bug report logs - #783347 wordpress: New critical security release available: 412 (CVE-2015-3438 CVE-2015-3439) Package: wordpress; Maintainer for wordpress is Craig Small <csmall@debianorg>; Source for wordpress is src:wordpress (PTS, buildd, popcon) Reported by: Christer Mjellem Strand <dilldall@bjorkorg> ...

Github Repositories

CSCI4349 Week 9: Honeypot MANUAL HONEYPOT SETUP git clone this repo git clone githubcom/harrystaley/CSCI4349_Week9_Honeypot open your terminal application and execute the following command vagrant up vagrant ssh wich should bring you to a new terminal prompt on your newly created linux box cd /vagrant initialize google cloud gcloud init login and instert the name o