Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-1976.NASL
HistoryFeb 24, 2010 - 12:00 a.m.

Debian DSA-1976-1 : dokuwiki - several vulnerabilities

2010-02-2400:00:00
This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15
JSON

Several vulnerabilities have been discovered in dokuwiki, a standards compliant simple to use wiki. The Common Vulnerabilities and Exposures project identifies the following problems :

  • CVE-2010-0287 It was discovered that an internal variable is not properly sanitized before being used to list directories. This can be exploited to list contents of arbitrary directories.

  • CVE-2010-0288 It was discovered that the ACL Manager plugin doesn’t properly check the administrator permissions. This allow an attacker to introduce arbitrary ACL rules and thus gaining access to a closed Wiki.

  • CVE-2010-0289 It was discovered that the ACL Manager plugin doesn’t have protections against cross-site request forgeries (CSRF). This can be exploited to change the access control rules by tricking a logged in administrator into visiting a malicious website.

The oldstable distribution (etch) is not affected by these problems.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-1976. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(44840);
  script_version("1.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id("CVE-2010-0287", "CVE-2010-0288", "CVE-2010-0289");
  script_bugtraq_id(37820, 37821);
  script_xref(name:"DSA", value:"1976");

  script_name(english:"Debian DSA-1976-1 : dokuwiki - several vulnerabilities");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several vulnerabilities have been discovered in dokuwiki, a standards
compliant simple to use wiki. The Common Vulnerabilities and Exposures
project identifies the following problems :

  - CVE-2010-0287
    It was discovered that an internal variable is not
    properly sanitized before being used to list
    directories. This can be exploited to list contents of
    arbitrary directories.

  - CVE-2010-0288
    It was discovered that the ACL Manager plugin doesn't
    properly check the administrator permissions. This allow
    an attacker to introduce arbitrary ACL rules and thus
    gaining access to a closed Wiki.

  - CVE-2010-0289
    It was discovered that the ACL Manager plugin doesn't
    have protections against cross-site request forgeries
    (CSRF). This can be exploited to change the access
    control rules by tricking a logged in administrator into
    visiting a malicious website.

The oldstable distribution (etch) is not affected by these problems."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=565406"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2010-0287"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2010-0288"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2010-0289"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.debian.org/security/2010/dsa-1976"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the dokuwiki package.

For the stable distribution (lenny), these problems have been fixed in
version 0.0.20080505-4+lenny1."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(22, 264, 352);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:dokuwiki");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2010/01/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/24");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"5.0", prefix:"dokuwiki", reference:"0.0.20080505-4+lenny1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxdokuwikip-cpe:/a:debian:debian_linux:dokuwiki
debiandebian_linux5.0cpe:/o:debian:debian_linux:5.0

Related

nessus 5
openvas 10
debian 3
securityvulns 2
osv 1
freebsd 1
gentoo 1
cve 3
ubuntucve 3
debiancve 3
prion 3
nessus
nessus
Fedora 11 : dokuwiki-0-0.4.20091225.c.fc11 (2010-0770)
2010-07-01 00:00:00
Fedora 12 : dokuwiki-0-0.4.20091225.c.fc12 (2010-0800)
2010-07-01 00:00:00
FreeBSD : dokuwiki -- multiple vulnerabilities (848539dc-0458-11df-8dd7-002170daae37)
2010-01-19 00:00:00
openvas
openvas
Fedora Update for dokuwiki FEDORA-2010-0770
2010-03-02 00:00:00
Fedora Update for dokuwiki FEDORA-2010-0770
2010-03-02 00:00:00
Fedora Update for dokuwiki FEDORA-2010-0800
2010-03-02 00:00:00
debian
debian
[Backports-security-announce] Security Update for dokuwiki
2010-02-04 19:59:59
[Backports-security-announce] Security Update for dokuwiki
2010-02-04 20:00:25
[SECURITY] [DSA-1976-1] New dokuwiki packages fix several vulnerabilities
2010-01-22 16:11:52
securityvulns
securityvulns
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2010-01-23 00:00:00
[SECURITY] [DSA-1976-1] New dokuwiki packages fix several vulnerabilities
2010-01-23 00:00:00
osv
osv
dokuwiki - several vulnerabilities
2010-01-22 00:00:00
freebsd
freebsd
dokuwiki -- multiple vulnerabilities
2010-01-17 00:00:00
gentoo
gentoo
DokuWiki: Multiple vulnerabilities
2013-01-09 00:00:00
cve
cve
CVE-2010-0287
2010-02-15 18:30:00
CVE-2010-0288
2010-02-15 18:30:00
CVE-2010-0289
2010-02-15 18:30:00
ubuntucve
ubuntucve
CVE-2010-0287
2010-02-15 00:00:00
CVE-2010-0289
2010-02-15 00:00:00
CVE-2010-0288
2010-02-15 00:00:00
debiancve
debiancve
CVE-2010-0289
2010-02-15 18:30:00
CVE-2010-0287
2010-02-15 18:30:00
CVE-2010-0288
2010-02-15 18:30:00
prion
prion
Directory traversal
2010-02-15 18:30:00
Code injection
2010-02-15 18:30:00
Cross site request forgery (csrf)
2010-02-15 18:30:00
JSON
Related for DEBIAN_DSA-1976.NASL
nessus5openvas10debian3securityvulns2osv1freebsd1gentoo1cve3ubuntucve3debiancve3prion3