Detections
Analytics

PmWiki < 2.1 beta 21 Multiple Vulnerabilities

medium Nessus Plugin ID 20891

Language:

Synopsis

The remote web server contains a PHP application that is affected by multiple vulnerabilities.

Description

The remote host is running PmWiki, an open source Wiki written in PHP.

The version of PmWiki installed on the remote host allows attackers to overwrite global variables if run under PHP 5 with 'register_globals' enabled. For example, an attacker can exploit this issue to overwrite the 'FarmD' variable before it's used in a PHP 'include()' function in the 'pmwiki.php' script, which can allow him to view arbitrary files on the remote host and even execute arbitrary PHP code, possibly taken from third-party hosts.

Solution

Upgrade to PmWiki 2.1 beta 21 or later.

See Also

http://www.ush.it/2006/01/24/pmwiki-multiple-vulnerabilities/

https://seclists.org/fulldisclosure/2006/Jan/935

http://www.nessus.org/u?33775e7d

Plugin Details

Severity: Medium

ID: 20891

File Name: pmwiki_21b21.nasl

Version: 1.19

Type: remote

Family: CGI abuses

Published: 2/13/2006

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.8

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.4

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:pmwiki:pmwiki

Required KB Items: www/PHP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Vulnerability Publication Date: 1/28/2006

Reference Information

CVE: CVE-2006-0479

BID: 16421