FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

twiki -- Arbitrary code execution in session files

Affected packages
twiki < 4.2.3

Details

VuXML ID 9227dcaf-827f-11dd-9cd7-0050568452ac
Discovery 2008-08-05
Entry 2008-09-14

Th1nk3r reports:

The version of TWiki installed on the remote host allows access to the 'configure' script and fails to sanitize the 'image' parameter of that script of directory traversal sequences before returning the file contents when the 'action' parameter is set to 'image'. An unauthenticated attacker can leverage this issue to view arbitrary files on the remote host subject to the privileges of the web server user id.
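The missing check described above, as an added defender-side example (not TWiki's code and not part of the VuXML entry): a resolver that confines the 'image' parameter to an assumed image directory, plus a scan of constructed access-log lines for 'configure' requests whose 'image' value would have escaped it. The script path, the image directory and the log lines are assumptions.

```python
import re
import posixpath
from urllib.parse import urlsplit, parse_qs

# Assumed base directory for served images; the advisory does not state it.
IMAGE_ROOT = "/var/www/twiki/pub/images"


def resolve_image(param, root=IMAGE_ROOT):
    """Return the absolute file path for an 'image' value, or None if it
    would land outside root. Purely lexical: nothing touches the filesystem."""
    if "\x00" in param:           # NUL can truncate paths in C-level file APIs
        return None
    # join() drops root if param is absolute; normpath() collapses '..' and '.'
    candidate = posixpath.normpath(posixpath.join(root, param))
    # After normalisation the result must still be a file strictly under root.
    if not candidate.startswith(root + "/"):
        return None
    return candidate


# Constructed Common Log Format lines (hypothetical hosts and script path).
SAMPLE_LOG = """\
10.0.0.5 - - [05/Aug/2008:10:01:02 +0000] "GET /bin/configure?action=image&image=logo.gif HTTP/1.1" 200 512
10.0.0.9 - - [05/Aug/2008:10:01:07 +0000] "GET /bin/configure?action=image&image=../../../../etc/passwd HTTP/1.1" 200 1023
10.0.0.9 - - [05/Aug/2008:10:01:09 +0000] "GET /bin/configure?action=image&image=..%2F..%2Fdata%2F.htpasswd HTTP/1.1" 200 88
"""

REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/')


def flag_traversal_requests(log_text):
    """Return (client, image_value) for configure?action=image requests whose
    'image' parameter the resolver above would reject."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if not url.path.endswith("/configure"):
            continue
        qs = parse_qs(url.query)          # parse_qs also percent-decodes values
        if qs.get("action", [""])[0] != "image":
            continue
        image = qs.get("image", [""])[0]
        if resolve_image(image) is None:
            hits.append((line.split()[0], image))
    return hits
```

Run against real logs, a hit means the request would have been served only by a version lacking the check, so a 200 status on such a line is worth investigating.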

References

CVE Name CVE-2008-3195
URL http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2008-3195
URL http://www.kb.cert.org/vuls/id/362012
URL http://www.nessus.org/plugins/index.php?view=single&id=34031
URL https://inspectit.accessitgroup.com/threats/details.cgi?id=34031