VID | 21945
Severity | 40
Port | 80, ...
Protocol | TCP
Class | CGI
Detailed Description |
TWiki is a Perl-based web collaboration platform used as a project development space, document management system and knowledge base. In TWiki versions 4.0.0 through 4.0.4, the bin/configure script does not properly filter user-supplied input passed in the 'TYPEOF' parameter. A remote attacker can send a specially crafted HTTP POST request to bin/configure with Perl code or shell metacharacters in that parameter to execute arbitrary Perl code and, through it, arbitrary system commands with the privileges of the web server. Because bin/configure is TWiki's installation and configuration interface, it should not be reachable by untrusted clients in the first place; an installation that leaves it open is exposed regardless of patch level.
* References:
  - http://twiki.org/cgi-bin/view/Codev/SecurityAlertCmdExecWithConfigure
  - http://www.frsirt.com/english/advisories/2006/2995
  - http://www.milw0rm.com/exploits/2110
* Platforms Affected: TWiki.org TWiki 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4; any operating system, any version |
Recommendation |
Apply Hotfix 2 or later for TWiki 4.0.4, as listed in the TWiki Security Alert at http://twiki.org/cgi-bin/view/Codev/SecurityAlertCmdExecWithConfigure. Earlier 4.0.x releases should first be upgraded to 4.0.4 and then hotfixed.
As a workaround, and as good practice even after patching, restrict access to the bin/configure script at the web-server level (for example, require authentication or limit it to administrator source addresses), and verify from an untrusted network position that an unauthenticated request to bin/configure is refused rather than served. |
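The following is an added example for this advisory, not TWiki's own code. It shows how to find the attack vector described above (requests, especially POSTs, to bin/configure from non-administrator hosts) in web-server access logs, and how to confirm the workaround is in place (such requests are answered with 403 rather than 200). It assumes Apache/nginx "combined" log format; the sample log lines, the hostnames and the administrator allow-list are constructed for the demo.

```python
"""Scan web-server access logs for requests to TWiki's bin/configure.

Added example for this advisory; not TWiki's own code. Assumes the
Apache/nginx "combined" log format and a site-specific allow-list of
administrator source addresses (both constructed below for the demo).
"""
import re
from dataclasses import dataclass

# Combined Log Format:
#   host ident user [time] "METHOD path HTTP/x" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Any path ending in /bin/configure, optionally followed by a query string
# or a path-info component.
CONFIGURE_RE = re.compile(r'/bin/configure(?:[?/]|$)')


@dataclass
class Finding:
    host: str
    time: str
    method: str
    path: str
    status: int
    severity: str  # "high" for POST (the advisory's attack vector), else "medium"


def scan_access_log(lines, admin_hosts=frozenset()):
    """Return a Finding for every request to bin/configure from a non-admin host.

    POSTs are rated high because the advisory's attack is a crafted POST.
    GETs are still reported: a 200 shows the script is reachable and the
    workaround is missing, while a 403 shows the access restriction is working.
    """
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the whole scan
        if not CONFIGURE_RE.search(m['path']):
            continue
        if m['host'] in admin_hosts:
            continue
        findings.append(Finding(
            host=m['host'], time=m['time'], method=m['method'],
            path=m['path'], status=int(m['status']),
            severity='high' if m['method'] == 'POST' else 'medium',
        ))
    return findings


# Constructed sample log lines (not real traffic); RFC 5737 documentation addresses.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Aug/2006:13:55:36 +0000] "GET /twiki/bin/view/Main/WebHome HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Aug/2006:13:55:40 +0000] "GET /twiki/bin/configure HTTP/1.1" 200 22876 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Aug/2006:13:55:41 +0000] "POST /twiki/bin/configure HTTP/1.1" 200 1044 "-" "Mozilla/5.0"',
    '192.0.2.10 - admin [10/Aug/2006:09:01:02 +0000] "GET /twiki/bin/configure HTTP/1.1" 200 22876 "-" "Mozilla/5.0"',
    '198.51.100.3 - - [10/Aug/2006:14:02:11 +0000] "GET /twiki/bin/configure?action=x HTTP/1.0" 403 289 "-" "curl/7.15"',
    'garbage line that does not parse',
]

# Assumed administrator host for the demo.
ADMIN_HOSTS = frozenset({'192.0.2.10'})

if __name__ == '__main__':
    for f in scan_access_log(SAMPLE_LOG, ADMIN_HOSTS):
        print(f"{f.severity:6} {f.host:14} {f.method:4} {f.status} {f.path} [{f.time}]")
```

Run against the constructed sample, the scan reports three hits: a reconnaissance GET and then a POST from 203.0.113.7 that were both served with 200 (the script is exposed and the POST matches the advisory's attack pattern), and a GET from 198.51.100.3 answered with 403, which is what a correctly restricted bin/configure should look like. The administrator's own request is suppressed by the allow-list.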
Related URL | CVE-2006-3819 (CVE)
Related URL | 19188 (SecurityFocus)
Related URL | 28049 (ISS)