|
Family: CGI abuses --> Category: attack
DokuWiki spellcheck Arbitrary Code Execution Vulnerability Vulnerability Scan
Vulnerability Scan Summary Executes arbitrary PHP code via DocuWiki spellcheck
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP application that is affected by
an arbitrary code execution vulnerability.
Description :
The remote host is running DokuWiki, an open-source wiki application
written in PHP.
The installed version of DokuWiki fails to properly sanitize input to
the 'data' parameter of the 'lib/exe/spellcheck.php' script before
evaluating it to handle links embedded in the text. An
unauthenticated attacker can leverage this issue with PHP commands in
'complex curly syntax' to execute arbitrary PHP code on the remote
host subject to the rights of the web server user id.
See also :
http://www.hardened-php.net/advisory_042006.119.html
http://www.securityfocus.com/archive/1/435989/30/0/threaded
http://bugs.splitbrain.org/index.php?do=details&id=823
Solution :
Upgrade to DokuWiki release 2006-03-09 with hotfix 823 or later.
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|