Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 78944 - www-apps/tikiwiki: Arbitrary Script Execution Vulnerability
Summary: www-apps/tikiwiki: Arbitrary Script Execution Vulnerability
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All All
: High major (vote)
Assignee: Gentoo Security
URL: http://tikiwiki.org/art102
Whiteboard: B1 [glsa] jaervosz
Keywords:
: 79077 (view as bug list)
Depends on:
Blocks:
 
Reported: 2005-01-21 06:02 UTC by Jean-François Brunette (RETIRED)
Modified: 2005-04-03 06:19 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jean-François Brunette (RETIRED) gentoo-dev 2005-01-21 06:02:13 UTC
similar to the previous one (http://tikiwiki.org/art97)


Description:
Some vulnerabilities have been reported in TikiWiki, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerabilities are caused due to missing validation of files placed in the "temp" directory and can be exploited to execute arbitrary PHP scripts.


The vulnerabilities have been reported in versions prior to 1.8.5 and 1.9 DR4.

Solution:
Update to version 1.8.5.
http://sourceforge.net/project/showfiles.php?group_id=64258

Deny access to the "temp" directory.
Comment 1 Thierry Carrez (RETIRED) gentoo-dev 2005-01-21 06:32:22 UTC
Nasty, indeed.
web-apps, bumping is necessary.
Comment 2 Martin Holzer (RETIRED) gentoo-dev 2005-01-28 14:54:48 UTC
ebuild in cvs
Comment 3 Sune Kloppenborg Jeppesen gentoo-dev 2005-01-28 22:50:54 UTC
Thx Martin.

ppc please test and mark stable.
Comment 4 Michael Hanselmann (hansmi) (RETIRED) gentoo-dev 2005-01-29 02:47:23 UTC
Stable on ppc.
Comment 5 Sune Kloppenborg Jeppesen gentoo-dev 2005-01-30 00:42:48 UTC
GLSA 200501-41
Comment 6 Michael Davey 2005-04-03 06:19:46 UTC
*** Bug 79077 has been marked as a duplicate of this bug. ***