Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 203265 - www-apps/tikiwiki < 1.9.9 Multiple Vulnerabilities (CVE-2007-{6526,6528,6529})
Summary: www-apps/tikiwiki < 1.9.9 Multiple Vulnerabilities (CVE-2007-{6526,6528,6529})
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
Whiteboard: B4 [glsa]
Depends on:
Reported: 2007-12-24 21:31 UTC by Tobias Heinlein (RETIRED)
Modified: 2008-01-29 09:46 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Tobias Heinlein (RETIRED) gentoo-dev 2007-12-24 21:31:18 UTC
Some vulnerabilities have been reported in TikiWiki, where some have unknown impacts and others can be exploited by malicious people to conduct cross-site scripting attacks.

1) Input passed into the "movies" parameter in tiki-listmovies.php is not properly sanitised before being used, which can be exploited to conduct directory traversal attacks.

2) Input passed to the "area_name" parameter in tiki-special_chars.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

3) Certain unspecified vulnerabilities exist in tiki-edit_css.php, tiki-list_games.php, and tiki-g-admin_shared_source.php. More information is currently not available.

Update to version 1.9.9.
Comment 1 Tobias Heinlein (RETIRED) gentoo-dev 2007-12-24 21:33:07 UTC
Web-apps, please bump.
Comment 2 Lars Hartmann 2008-01-04 20:03:25 UTC
could someone please add "CVE-2007-6526" to the topic?
I dont have the permissions i need to do that
Comment 3 Lars Hartmann 2008-01-04 20:04:10 UTC
same for CVE-2007-6528 and CVE-2007-6529
Comment 4 Gunnar Wrobel (RETIRED) gentoo-dev 2008-01-17 09:16:20 UTC
1.9.9 is in the tree.



Comment 5 Tobias Scherbaum (RETIRED) gentoo-dev 2008-01-18 20:25:27 UTC
ppc stable
Comment 6 Robert Buchholz (RETIRED) gentoo-dev 2008-01-20 00:02:47 UTC
This is a vote. I'd go for a YES because of the directory traversal which allows arbitrary file read.
Comment 7 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2008-01-20 18:59:05 UTC
Voting YES and filing.
Comment 8 Gunnar Wrobel (RETIRED) gentoo-dev 2008-01-23 08:56:34 UTC
Removed insecure version. webapps done.
Comment 9 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2008-01-29 09:46:12 UTC
GLSA 200801-10;, thanks everyone