VID | 21984
Severity | 40
Port | 80, ...
Protocol | TCP
Class | CGI
Detailed Description | PmWiki is vulnerable to a global-variable overwrite through the 'pmwiki.php' script. PmWiki is a wiki-based system for collaborative creation and maintenance of websites. In PmWiki versions prior to 2.1.21, user-supplied request parameters are not adequately filtered before they can populate the script's global variables, so a remote attacker can overwrite globals that pmwiki.php later trusts. The referenced hardened-php advisory describes the underlying PHP zend_hash_del_key_or_index bug, which lets request-registered globals survive a script's own attempts to unset them. When both register_globals and file_uploads are enabled, the two combine: file_uploads lets the attacker place a file with contents they control on the server, and an overwritten global can point pmwiki.php at that file, so arbitrary PHP code runs with the privileges of the web server.
* References:
  http://securitytracker.com/alerts/2006/Jun/1016306.html
  http://www.milw0rm.com/exploits/2291
  http://www.hardened-php.net/hphp/zend_hash_del_key_or_index_vulnerability.html
  http://www.pmwiki.com/wiki/PmWiki/ReleaseNotes
* Platforms Affected: PmWiki versions prior to 2.1.21, any operating system, any version
Recommendation | Upgrade to PmWiki 2.1.21 or later, available from the PmWiki download page at http://www.pmwiki.com/wiki/PmWiki/Download
As a workaround, set register_globals = Off and file_uploads = Off in php.ini. Each setting removes one precondition of the attack; disable both. Confirm with phpinfo() or `php -i` that the running interpreter has picked the change up, since these directives can also be set in the web server configuration and override php.ini.
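The following is an added illustration, not PmWiki's own code: it models how register_globals turns a request parameter into a global that later decides which file the script includes, shows the hardened shape beside it, and checks the two php.ini settings the workaround turns off. The names $FarmD and scripts/stdconfig.php are illustrative only; the hostile request value is constructed.

```php
<?php
// Added illustration, not PmWiki's source. Models the register_globals
// overwrite described above and the two ini checks the workaround relies on.
// $FarmD and scripts/stdconfig.php are illustrative names only.

declare(strict_types=1);

// Models register_globals=On: every request parameter becomes a global
// before the script's own code runs. The real directive did this inside the
// PHP engine; writing to $GLOBALS is the closest CLI-runnable model.
function simulate_register_globals(array $request): void
{
    foreach ($request as $name => $value) {
        $GLOBALS[$name] = $value;
    }
}

// Vulnerable shape: the script only supplies a default when the global is
// not already set, so a request-registered $FarmD wins and steers the include.
function vulnerable_config_path(): string
{
    if (!isset($GLOBALS['FarmD'])) {
        $GLOBALS['FarmD'] = __DIR__;
    }
    return $GLOBALS['FarmD'] . '/scripts/stdconfig.php';
}

// Hardened shape: the include path is derived from the script's own location
// and never from a variable that request data could have populated.
function hardened_config_path(): string
{
    return __DIR__ . '/scripts/stdconfig.php';
}

// Returns the names of the two directives that are still enabled, so a
// deployment check can fail closed. ini_get() returns false for a directive
// the interpreter no longer knows (register_globals was removed in PHP 5.4),
// and strings such as "1" or "On" otherwise; filter_var normalises both.
function risky_ini_settings(): array
{
    $enabled = [];
    foreach (['register_globals', 'file_uploads'] as $directive) {
        if (filter_var(ini_get($directive), FILTER_VALIDATE_BOOLEAN)) {
            $enabled[] = $directive;
        }
    }
    return $enabled;
}

// Demo with a constructed hostile request: the attacker needs a file they
// control at this location, which is the role file_uploads plays above.
$request = ['FarmD' => '/var/tmp/attacker'];
simulate_register_globals($request);

echo "vulnerable include: ", vulnerable_config_path(), "\n";
echo "hardened include:   ", hardened_config_path(), "\n";
echo "risky ini settings: ", (implode(', ', risky_ini_settings()) ?: 'none'), "\n";
```

Run it with `php` on the command line. The vulnerable path comes back under /var/tmp/attacker while the hardened one stays under the script directory; on a default installation the ini check reports file_uploads, because that directive is on by default, which is why the workaround names it explicitly.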
Related URL | CVE-2006-3017 (CVE)
Related URL | 17843 (SecurityFocus)
Related URL | 28779 (ISS)