TWiki: input sanitizing
Package(s): twiki
CVE #(s): CAN-2004-1037
Created: December 1, 2004
Updated: December 1, 2004
Description: The TWiki search function does not properly sanitize the search string, so a remote attacker who embeds shell metacharacters in a search request can execute arbitrary commands on the server.
Alerts:
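As an added illustration (example code written for this page, not TWiki's own code): the bug class the description names, a user-supplied search string reaching /bin/sh unescaped, placed next to a version that never invokes a shell and allowlists the term. TWiki is written in Perl; Python is used here so the example runs stand-alone. The sample topic files, the temporary directory and the `grep`-based search are constructed for the example and do not reproduce TWiki's actual search implementation.

```python
import glob
import os
import re
import shutil
import subprocess
import tempfile

# Constructed sample "web": two topic files with made-up content, standing in
# for the plain-text topic files a wiki keeps on disk.
SAMPLE_TOPICS = {
    "WebHome.txt": "Welcome to the TWiki web.\n",
    "WebNotes.txt": "Nothing about the wiki engine here.\n",
}


def make_sample_web() -> str:
    """Write the constructed topics into a fresh temporary directory."""
    webdir = tempfile.mkdtemp(prefix="twiki-web-")
    for name, body in SAMPLE_TOPICS.items():
        with open(os.path.join(webdir, name), "w") as f:
            f.write(body)
    return webdir


def vulnerable_search(query: str, webdir: str) -> str:
    """Search by interpolating the raw query into a shell command line.

    This is the bug class CAN-2004-1037 describes, in constructed form: the
    search string is handed to /bin/sh unescaped, so ';', '|', backticks and
    $(...) run whatever the requester chooses, as the web server user.
    """
    cmd = f"grep -l {query} {webdir}/*.txt"
    return subprocess.run(cmd, shell=True, stdin=subprocess.DEVNULL,
                          capture_output=True, text=True).stdout


# Allowlist of characters a plausible search term contains. Rejecting
# anything else is easier to audit than trying to escape every shell
# metacharacter.
SAFE_TERM = re.compile(r"[A-Za-z0-9_. -]{1,128}")


def hardened_search(query: str, webdir: str) -> list[str]:
    """Same search with no shell: argv list, literal match, allowlisted input."""
    if SAFE_TERM.fullmatch(query) is None:
        raise ValueError("search term contains characters outside the allowlist")
    files = sorted(glob.glob(os.path.join(webdir, "*.txt")))
    if not files:
        return []
    # '--' keeps a term starting with '-' from being parsed as an option;
    # -F makes grep treat the term as a fixed string rather than a regex.
    argv = ["grep", "-l", "-F", "--", query, *files]
    res = subprocess.run(argv, stdin=subprocess.DEVNULL,
                         capture_output=True, text=True)
    return [os.path.basename(p) for p in res.stdout.splitlines()]


def demo() -> dict:
    """Run both handlers against the sample web and report what happened."""
    webdir = make_sample_web()
    # Harmless stand-in for the remote-shell / daemon-download payloads seen
    # in the wild: it only echoes a marker, but it runs the same way.
    payload = "nosuchterm; echo INJECTED"
    try:
        result = {
            "vulnerable_runs_payload": "INJECTED" in vulnerable_search(payload, webdir),
            "hardened_hits": hardened_search("TWiki", webdir),
        }
        try:
            hardened_search(payload, webdir)
            result["hardened_rejects_payload"] = False
        except ValueError:
            result["hardened_rejects_payload"] = True
    finally:
        shutil.rmtree(webdir, ignore_errors=True)
    return result


if __name__ == "__main__":
    print(demo())
```

The vulnerable handler executes the injected command even though the "search" itself matches nothing; the hardened handler refuses the payload before any process is started, and for a legitimate term runs grep with an argument vector, so no shell ever parses the input.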
Posted Dec 2, 2004 18:08 UTC (Thu) by toehser (guest, #16968)
This bug is actively being scanned for in the wild. It affects not only Gentoo, but any unpatched TWiki older than the 20040902 release. The attacks in the wild typically start a remote shell as your web server user, start up some spam gateways, download the .htpasswd files, and leave some other daemons of unknown purpose with innocuous names running as the web server user. Your web pages may all be defaced. You will then be open to any privilege escalation attacks they can muster. Don't ignore this one.