Stay Secure with the Latest Linux Advisories

security advisoryhigh severitygentoo

Gentoo 200609-10 High: DokuWiki Remote Code Execution Threat

Vulnerabilities in some accessory scripts of DokuWiki allow remote code execution.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200609-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: DokuWiki: Arbitrary command execution Date: September 14, 2006 Bugs: #146800 ID: 200609-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Vulnerabilities in some accessory scripts of DokuWiki allow remote code execution. Background ========= DokuWiki is a wiki targeted at developer teams, workgroups and small companies. It does not use a database backend. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-apps/dokuwiki < 20060309d > = 20060309d Description ========== "rgod" discovered that DokuWiki doesn't sanitize the X-FORWARDED-FOR HTTP header, allowing the injection of arbitrary contents - such as PHP commands - into a file. Additionally, the accessory scripts installed in the "bin" DokuWiki directory are vulnerable to directory traversal attacks, allowing to copy and execute the previously injected code. Impact ===== A remote attacker may execute arbitrary PHP (and thus probably system) commands with the permissions of the user running the process serving DokuWiki pages. Workaround ========= Disable remote access to the "bin" subdirectory of the DokuWiki installation. Remove the directory if you don't use the scripts in there. Resolution ========= All DokuWiki users should upgrade to the latest version: # emerge --sync # emerge --ask--oneshot --verbose "> =www-apps/dokuwiki-20060309d" References ========= [ 1 ] CVE-2006-4674 https://www.cve.org/CVERecord?id=CVE-2006-4674 [ 2 ] CVE-2006-4675 https://www.cve.org/CVERecord?id=CVE-2006-4675 [ 3 ] CVE-2006-4679 https://www.cve.org/CVERecord?id=CVE-2006-4679 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200609-10 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org/. License ====== Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . DokuWiki on Gentoo has a serious vulnerability enabling remote code execution. Immediate software updates are strongly recommended to protect against possible attacks. DokuWiki Threat, Gentoo Security, Code Execution Risk, Remote Access, Software Update. . LinuxSecurity.com Team

Sep 14, 2006 Gentoo