VID 21945
Severity 40
Port 80, ...
Protocol TCP
Class CGI
Detailed Description TWiki is a Perl-based, Web-based collaboration platform used for project development spaces, document management systems, and knowledge bases. TWiki versions 4.0.0 through 4.0.4 are vulnerable to remote command execution in the bin/configure script: user-supplied input passed to the 'TYPEOF' parameter is not properly filtered before it reaches Perl code. A remote attacker could send specially crafted HTTP POST requests to the bin/configure script containing shell metacharacters in the 'TYPEOF' parameter and thereby execute arbitrary system commands in the security context of the web server process.

* References:
http://twiki.org/cgi-bin/view/Codev/SecurityAlertCmdExecWithConfigure
http://www.frsirt.com/english/advisories/2006/2995
http://www.milw0rm.com/exploits/2110

* Platforms Affected:
TWiki.org, TWiki 4.0.0
TWiki.org, TWiki 4.0.1
TWiki.org, TWiki 4.0.2
TWiki.org, TWiki 4.0.3
TWiki.org, TWiki 4.0.4
Any operating system Any version
Recommendation Apply Hotfix 2 or later for version 4.0.4, as listed in the TWiki Security Alert at http://twiki.org/cgi-bin/view/Codev/SecurityAlertCmdExecWithConfigure

As a workaround, restrict access to the TWiki configure script.
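The following Apache configuration fragment is an added illustration of the workaround above; it is not part of the advisory or of the TWiki distribution. It assumes TWiki's CGI scripts are served under /twiki/bin and that administration is done only from the addresses listed (both are placeholders to adjust for your installation). It limits who can reach bin/configure while leaving the rest of TWiki accessible, which removes the exposed script from unauthenticated reach until the hotfix is applied.

```apache
# Added example, not from the advisory or from TWiki itself.
# Assumed script path: /twiki/bin/configure (adjust to your ScriptAlias).
# Assumed administrator sources: loopback and a documentation-only range.

# Apache 2.4: allow only the listed administrator addresses.
<Location "/twiki/bin/configure">
    Require ip 127.0.0.1 ::1 192.0.2.0/24
</Location>

# Apache 2.2 equivalent (mod_authz_host):
# <Location "/twiki/bin/configure">
#     Order Deny,Allow
#     Deny from all
#     Allow from 127.0.0.1 192.0.2.0/24
# </Location>
```

After adding the block, run `apachectl configtest` and reload the server; then confirm from a non-listed address that a request for bin/configure returns 403 while the rest of the wiki still works. Because the vulnerable script is a CGI under bin, a <Location> (URL-path) match is used rather than a filesystem <Directory> block, so the restriction applies regardless of where the script lives on disk.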
Related URL CVE-2006-3819 (CVE)
Related URL 19188 (SecurityFocus)
Related URL 28049 (ISS)