Joined: 13 Jun 2003
Location: Dresden, Germany
|Posted: Wed Nov 24, 2004 10:06 am Post subject: [ GLSA 200411-33 ] TWiki: Arbitrary command execution
|Gentoo Linux Security Advisory
Title: TWiki: Arbitrary command execution (GLSA 200411-33)
Date: November 24, 2004
Updated: September 08, 2006
A bug in the TWiki search function allows an attacker to execute arbitrary
commands with the permissions of the user running TWiki.
TWiki is a Web-based groupware tool based around the concept of wiki
pages that can be edited by anybody with a Web browser.
Vulnerable: < 20040902
Unaffected: >= 20040902
Unaffected: < 20000000
Architectures: All supported architectures
The TWiki search function, which uses a shell command executed via the
Perl backtick operator, does not properly escape shell metacharacters
in the user-provided search string.
An attacker can insert malicious commands into a search request,
allowing the execution of arbitrary commands with the privileges of the
user running TWiki (usually the Web server user).
There is no known workaround at this time.
All TWiki users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apps/twiki-20040902"
TWiki Security Alert
Last edited by GLSA on Fri May 27, 2011 4:18 am; edited 4 times in total