145714 – www-apps/tikiwiki: 1.9.4 Arbitrary command execution and XSS (CVE-2006-{4299|4602})

Bug 145714 - www-apps/tikiwiki: 1.9.4 Arbitrary command execution and XSS (CVE-2006-{4299|4602})

Summary: www-apps/tikiwiki: 1.9.4 Arbitrary command execution and XSS (CVE-2006-{4299|...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High major (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	B1? [glsa+] Falco
Keywords:

Depends on:
Blocks:

Reported:	2006-08-31 07:54 UTC by Raphael Marichez (Falco) (RETIRED)
Modified:	2006-09-26 09:22 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Raphael Marichez (Falco) (RETIRED) gentoo-dev

2006-08-31 07:54:49 UTC

"Cross-site scripting (XSS) vulnerability in tiki-searchindex.php in TikiWiki 1.9.4 allows remote attackers to inject arbitrary web script or HTML via the highlight parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information."


waiting for any update

Comment 1 Raphael Marichez (Falco) (RETIRED) gentoo-dev

2006-09-08 05:38:00 UTC

file-upload-vulnerability++

http://secunia.com/advisories/21733/

1.9.4 is affected.

Comment 2 Renat Lumpau (RETIRED) gentoo-dev

2006-09-11 20:41:54 UTC

should be fixed in -r2

Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-09-14 03:17:08 UTC

Renat, does 1.9.5 fix this issue ? please comment on the bug next time.

1.9.5 fixes this and has been committed:

12 Sep 2006; Renat Lumpau <rl03@gentoo.org> +tikiwiki-1.9.5.ebuild:

Comment 4 Renat Lumpau (RETIRED) gentoo-dev

2006-09-14 05:21:35 UTC

sorry folks, that's what i had intended with comment #2 , except not -r2 but 1.9.5 . i'll be more careful next time

Comment 5 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-09-14 07:01:54 UTC

Thx Renat and sorry for the confusion.

PPC please test and mark stable. Target keywords are:

tikiwiki-1.9.5.ebuild:KEYWORDS="~amd64 ppc ~sparc ~x86"

Comment 6 Tobias Scherbaum (RETIRED) gentoo-dev

2006-09-15 11:34:08 UTC

ppc stable

Comment 7 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-09-15 11:56:19 UTC

I tend to vote NO.

Comment 8 Wolf Giesen (RETIRED) gentoo-dev

2006-09-15 12:32:16 UTC

Hm, since it seems to be on the same level as the recent DokuWiki vulnerability I'd say it's more B1 than enything else?!

Comment 9 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-09-15 23:47:58 UTC

This has nothing to do with the recent DokuWiki vulnerability. This one allows injection of web script (javascript) in the context of the victims browswer.

Comment 10 Wolf Giesen (RETIRED) gentoo-dev

2006-09-19 01:35:16 UTC

Maybe I was mislead by Falco's link ... ehr <swirl> ... if we're still talking 1.9.4 ... isn't that one valid?

Comment 11 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-09-19 02:06:35 UTC

No I was mislead by an outdated Summary/Status.

/me blames falco.

Lets have the GLSA.

Comment 12 Tavis Ormandy (RETIRED) gentoo-dev

2006-09-19 05:40:52 UTC

I would vote YES.

Comment 13 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-09-25 11:07:56 UTC

GLSA drafted, security please review.

Comment 14 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-09-26 09:22:16 UTC

GLSA 200609-16