Posted: Wed Aug 24, 2005 7:57 pm Post subject: [ GLSA 200508-14 ] TikiWiki, eGroupWare: Arbitrary command e
Gentoo Linux Security Advisory
Title: TikiWiki, eGroupWare: Arbitrary command execution through XML-RPC (GLSA 200508-14)
Severity: high
Exploitable: remote
Date: August 24, 2005
Bug(s): #102374, #102377
ID: 200508-14
Synopsis
TikiWiki and eGroupWare both include PHP XML-RPC code vulnerable to
arbitrary command execution.
Background
TikiWiki is a full featured Free Software Wiki, CMS and Groupware
written in PHP. eGroupWare is a web-based collaboration software suite.
Both TikiWiki and eGroupWare include a PHP library to handle XML-RPC
requests.
Affected Packages
Package: www-apps/tikiwiki
Vulnerable: < 1.8.5-r2
Unaffected: >= 1.8.5-r2
Architectures: All supported architectures
Package: www-apps/egroupware
Vulnerable: < 1.0.0.009
Unaffected: >= 1.0.0.009
Architectures: All supported architectures
Description
The XML-RPC library shipped in TikiWiki and eGroupWare improperly
handles XML-RPC requests and responses with malformed nested tags.
Impact
A remote attacker could exploit this vulnerability to inject
arbitrary PHP script code into eval() statements by sending a specially
crafted XML document to TikiWiki or eGroupWare.
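As an added illustration (not code from the advisory or from either project), the following checker treats the class of input described above, XML-RPC elements that should carry only character data but contain nested child elements, as malformed and reports where it occurs. It assumes the XML-RPC text-only elements listed in TEXT_ONLY and uses constructed sample requests; it is a front-door validation aid, not a substitute for upgrading the library.

```python
import xml.etree.ElementTree as ET

# XML-RPC elements that carry only character data. A child element nested
# inside one of these is the "malformed nested tags" input class; the set
# is this example's assumption about which elements are text-only.
TEXT_ONLY = {"methodName", "name", "string", "int", "i4", "boolean",
             "double", "dateTime.iso8601", "base64"}


def find_malformed_nesting(xml_text):
    """Return (path, child_tag) pairs for every text-only element that has
    a nested element. An empty list means no such nesting was found.
    Raises ValueError when the body is not well-formed XML at all."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        raise ValueError(f"not well-formed XML: {exc}") from exc
    findings = []

    def walk(elem, path):
        here = f"{path}/{elem.tag}"
        for child in elem:
            if elem.tag in TEXT_ONLY:
                findings.append((here, child.tag))
            walk(child, here)  # keep descending: nesting may be deeper

    walk(root, "")
    return findings


def is_safe_request(xml_text):
    """True when the request contains no nested tags inside text-only elements."""
    return not find_malformed_nesting(xml_text)


# Constructed sample requests (not taken from the advisory).
GOOD = """<?xml version="1.0"?>
<methodCall><methodName>wiki.getPage</methodName>
<params><param><value><string>HomePage</string></value></param></params>
</methodCall>"""

BAD = """<?xml version="1.0"?>
<methodCall><methodName>wiki.getPage</methodName>
<params><param><value><struct><member>
<name><value>oops</value></name><value><string>x</string></value>
</member></struct></value></param></params></methodCall>"""

if __name__ == "__main__":
    print(find_malformed_nesting(GOOD))  # []
    print(find_malformed_nesting(BAD))   # one finding under .../member/name
```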
Workaround
There is no known workaround at this time.
Resolution
All TikiWiki users should upgrade to the latest version:
Code:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apps/tikiwiki-1.8.5-r2"
All eGroupWare users should upgrade to the latest version:
Code:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apps/egroupware-1.0.0.009"
References
CAN-2005-2498
Last edited by GLSA on Sun Jan 03, 2010 4:20 am; edited 3 times in total