Date: 16 October 2007
References: ESB-2007.0853
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AA-2007.0085 AUSCERT Advisory
[Win][UNIX/Linux]
Remote code execution vulnerability in TikiWiki
16 October 2007
- ---------------------------------------------------------------------------
AusCERT Advisory Summary
------------------------
Product: TikiWiki
Operating System: UNIX variants (UNIX, Linux, OSX)
Windows
Impact: Execute Arbitrary Code/Commands
Access: Remote/Unauthenticated
CVE Names: CVE-2007-5423
Member content until: Monday, November 12 2007
Original Bulletin:
http://info.tikiwiki.org/tiki-read_article.php?articleId=14
Revision History: October 16 2007: Added CVE Name
October 15 2007: Initial Release
OVERVIEW:
A remote code execution vulnerability has been identified in TikiWiki.
The exploit is publicly known and being actively exploited. [1][2]
IMPACT:
A malicious person could run commands on the web server hosting the
TikiWiki site. The commands could be run with the permissions of the
user running the web server. [2]
MITIGATION:
The vendor has provided a new release fixing the problem. This is
available from their website. [3]
A workaround is to disable the PHP url_fopen() function or to deny
access to the tiki-graph_formula.php file. [2]
REFERENCES:
[1] TikiWiki php injection
http://securityvulns.ru/Sdocument162.html
[2] Tikiwiki 1.9.8 exploit ITW
http://marc.info/?l=bugtraq&m=119214212626547&w=2
[3] Security Fix Tiki 1.9.8.1 Released
http://info.tikiwiki.org/tiki-read_article.php?articleId=14
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBRxP+vCh9+71yA2DNAQJCFgQAnpzl72/V+xXG+FHalUKiQNTCgERCYHQz
WF1YenkwUjipTKIAN7Fd7Gz934aYXQ93qMgKjzoA2Pfuq6AomxV/sB9zw64YAeLH
OQ5RQmuVQtgpBQnWHQITEn18DkWSIrG7iQVuJBV5Lq7vDv4l6xkzjssJxucgwl50
cdgFC8BYNpc=
=J7Hg
-----END PGP SIGNATURE-----
|