OSVDB ID: 11714

Title: TWiki Search Function Arbitrary Command Execution

Dates

Disclosure: Nov 13, 2004
Discovery: Nov 12, 2004
Exploit: Oct 01, 2004
Solution: Nov 13, 2004

Description

TWiki contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is triggered when shell metacharacters are passed in the Search parameter, whose input is not validated.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Public, Exploit Commercial
Disclosure: Vendor Verified, Uncoordinated Disclosure, Discovered in the Wild
OSVDB: Web Related

Solution

Upgrade to version 02Sep2004 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Vendor: Twiki, Inc.
Product: TWiki
Version: 01Sep2004

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/11714