Joined: 12 May 2004
|Posted: Wed Jun 14, 2006 7:26 pm Post subject: [ GLSA 200606-16 ] DokuWiki: PHP code injection
|Gentoo Linux Security Advisory
Title: DokuWiki: PHP code injection (GLSA 200606-16)
Date: June 14, 2006
A flaw in DokuWiki's spell checker allows for the execution of arbitrary PHP commands, even without proper authentication.
DokuWiki is a simple to use wiki targeted at developer teams, workgroups and small companies.
Vulnerable: < 20060309-r1
Unaffected: >= 20060309-r1
Architectures: All supported architectures
Stefan Esser discovered that the DokuWiki spell checker fails to properly sanitize PHP's "complex curly syntax".
A unauthenticated remote attacker may execute arbitrary PHP commands - and thus possibly arbitrary system commands - with the permissions of the user running the webserver that serves DokuWiki pages.
There is no known workaround at this time.
All DokuWiki users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apps/dokuwiki-20060309-r1"