CVSS v2 Base Score: 7.5 (High)
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 0.968 (High), percentile 99.7%
A lack of input validation in the TWiki revision control function may allow a remote, unauthenticated attacker to execute arbitrary commands.
TWiki is a web-based collaborative publishing environment. TWiki does not sanitize user-controlled URI parameters supplied to its revision control function. Specifically, the rev parameter is not filtered for shell metacharacters before being used to construct a shell command, so characters such as ";" or "|" in the parameter are interpreted by the shell alongside the intended command. By sending a specially crafted URI to a system running TWiki, a remote, unauthenticated attacker may be able to execute arbitrary commands on that system.
Note that exploits are publicly available for this vulnerability. More detailed information is available in the TWiki Security Alert.
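Added example, not code from TWiki and not part of the CERT note: the unsafe construction described above (a request parameter interpolated into a shell command) beside a hardened form that validates rev against an allow-list and runs the command without a shell, plus a check that applies the same allow-list to access-log lines. Assumptions not taken from the page: echo stands in for the RCS co binary so the example runs anywhere, the revision allow-list is digits and dots only, and the script paths and log lines are constructed for illustration.

```python
"""Added example, not TWiki's own code: the unsafe pattern the advisory
describes, its hardened form, and a log check for attempts.

Assumptions (not from the advisory): 'echo' stands in for the RCS 'co'
binary, the revision allow-list is digits and dots only, and the request
paths and access-log lines below are constructed."""
import re
import subprocess
from urllib.parse import parse_qs, urlsplit

# Assumed allow-list for an RCS revision ("1", "1.2", "1.2.3"): digits and dots only.
REV_RE = re.compile(r"\d+(?:\.\d+)*")


def vulnerable_checkout(rev: str, path: str = "Main/WebHome.txt") -> str:
    """Mimics the flaw: rev goes straight into a command string that /bin/sh
    parses, so ';', '|', '`' and friends inside rev become shell syntax."""
    cmd = f"echo co -q -p -r{rev} {path}"  # 'echo' stands in for 'co'
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def is_valid_rev(rev: str) -> bool:
    """Positive validation: accept only a bare revision number."""
    return REV_RE.fullmatch(rev) is not None


def hardened_checkout(rev: str, path: str = "Main/WebHome.txt") -> str:
    """Validate first, then exec with an argv list and no shell, so even an
    accepted value is never re-parsed as shell syntax."""
    if not is_valid_rev(rev):
        raise ValueError(f"rejected rev parameter: {rev!r}")
    argv = ["echo", "co", "-q", "-p", f"-r{rev}", path]  # 'echo' stands in for 'co'
    return subprocess.run(argv, capture_output=True, text=True).stdout


# Constructed Common Log Format lines (not real traffic); paths are illustrative.
SAMPLE_LOG = """\
10.0.0.5 - - [23/Sep/2005:10:00:00 +0000] "GET /twiki/bin/view/Main/WebHome?rev=1.2 HTTP/1.0" 200 4120
10.0.0.9 - - [23/Sep/2005:10:00:03 +0000] "GET /twiki/bin/view/Main/WebHome?rev=1.2%3Bid HTTP/1.0" 200 210
10.0.0.9 - - [23/Sep/2005:10:00:05 +0000] "GET /twiki/bin/view/Main/WebHome?rev=1%7Ccat%20/etc/passwd%7C HTTP/1.0" 200 980
10.0.0.7 - - [23/Sep/2005:10:00:09 +0000] "GET /twiki/bin/view/Main/WebHome HTTP/1.0" 200 4120
"""

# Client address and request target from a Common Log Format line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+)')


def suspicious_rev_params(access_log: str) -> list:
    """Detection check: flag every request whose rev= value, once URL-decoded,
    fails the same allow-list the hardened code enforces."""
    hits = []
    for line in access_log.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, url = m.groups()
        for rev in parse_qs(urlsplit(url).query).get("rev", []):
            if not is_valid_rev(rev):
                hits.append((client, rev))
    return hits


if __name__ == "__main__":
    # Second output line shows the injected command running.
    print(vulnerable_checkout("1.2; echo INJECTED"), end="")
    print(hardened_checkout("1.2"), end="")
    for client, rev in suspicious_rev_params(SAMPLE_LOG):
        print(f"suspicious rev from {client}: {rev!r}")
```

The hardened form deliberately does both checks: the allow-list rejects the crafted value up front, and the argv form means that even a value that slipped past a weaker filter would reach co as a single argument rather than as shell syntax. The log check decodes the query string before testing it, since an attacker will percent-encode the metacharacters.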
By sending a specially crafted URI to TWiki, a remote, unauthenticated attacker may be able to execute arbitrary commands with the privileges of the CGI process, typically the nobody account.
Apply hotfix
TWiki has released a hotfix to address this issue.
Restrict access
Restricting access to TWiki to trusted users only reduces the chances of exploitation; it does not remove the vulnerability, so the hotfix should still be applied.
757181
Updated: September 23, 2005
Status: Affected
Vendor statement: We have not received a statement from the vendor.
Vendor information: The vendor has not provided us with any further information regarding this vulnerability.
This vulnerability was reported by Sap. TWiki credits PeterThoeny, Crawford Currie, Sven Dowideit, Colas Nahaboo, Will Norris, Richard Donkin, B4dP4nd4 and Florian Weimer for providing information regarding this issue.
This document was written by Jeff Gennari.
CVE ID: CVE-2005-2877
Severity Metric: 12.57
Date Public: