|
DokuWiki Content Disclosure and Script Insertion
|
|
|
|
|
Secunia Advisory:
|
SA20478
|
|
|
Release Date:
|
2006-06-07
|
|
Last Update:
|
2006-09-19
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Security Bypass
Cross Site Scripting
Exposure of sensitive information
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | DokuWiki
|
| | CVE reference: | CVE-2006-2945 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS! |
|
|
Description:
Two vulnerabilities have been reported in DokuWiki, which can be exploited by malicious users to bypass certain security restrictions and conduct script insertion attacks.
1) Missing permission checks when accessing page content in certain situations can be exploited by an authenticated user to view certain restricted pages.
Successful exploitation requires that Access Control Lists is enabled (disabled by default).
2) Input passed to the "Fullname" and "E-Mail" fields when updating the profile and the "login" parameter isn't properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious user data is viewed.
Solution:
Update to the latest version (still dated 2006-03-09, but contains the fix).
http://www.splitbrain.org/projects/dokuwiki
Provided and/or discovered by:
1) The vendor credits Andreas Åkre Solberg.
2) The vendor credits Gert Kremser.
Changelog:
2006-06-15: Added CVE reference.
2006-09-19: Added additional vulnerability provided by Gert Kremser.
Original Advisory:
1) http://bugs.splitbrain.org/?do=details&id=825
2) http://bugs.splitbrain.org/index.php?do=details&id=820
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
8 Related Secunia Security Advisories
|
|
|
1. DokuWiki "spell_utf8test()" Cross-Site Scripting
|
|
2. DokuWiki "media" CRLF Injection Vulnerability
|
|
3. DokuWiki Denial of Service and Command Injection
|
|
4. DokuWiki "TARGET_FN" Directory Traversal Vulnerability
|
|
5. DokuWiki Spell Checker Code Execution Vulnerability
|
|
6. DokuWiki Mediamanager EXIF Data Cross-Site Scripting Vulnerability
|
|
7. DokuWiki Unspecified ACL Sensitive Information Disclosure
|
|
8. DokuWiki File Upload Vulnerability
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
