Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Gentoo 200609-10 High: DokuWiki Remote Code Execution Threat

gentoo
Calendar Grey September 14, 2006
Dist Gentoo Esm H88
DokuWiki on Gentoo has a serious vulnerability enabling remote code execution. Immediate software updates are strongly recommended to protect against possible attacks
Vulnerabilities in some accessory scripts of DokuWiki allow remote code execution.

Summary

Gentoo Linux Security Advisory GLSA 200609-10 https://security.gentoo.org/ Severity: High Title: DokuWiki: Arbitrary command execution Date: September 14, 2006 Bugs: #146800 ID: 200609-10

Synopsis ======= Vulnerabilities in some accessory scripts of DokuWiki allow remote code execution.
Background ========= DokuWiki is a wiki targeted at developer teams, workgroups and small companies. It does not use a database backend.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-apps/dokuwiki < 20060309d >= 20060309d
========== "rgod" discovered that DokuWiki doesn't sanitize the X-FORWARDED-FOR HTTP header, allowing the injection of arbitrary contents - such as PHP co...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory high severity gentoo remote code execution DokuWiki accessory scripts

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory high severity gentoo remote code execution DokuWiki accessory scripts

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here