FreeBSD : twiki -- remote Perl code execution (21ce1840-6107-11e4-9e84-0022156e8794)

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

TWiki developers report :

The debugenableplugins request parameter allows arbitrary Perl code
execution.

Using an HTTP GET request towards a TWiki server, add a specially
crafted debugenableplugins request parameter to TWiki's view script
(typically port 80/TCP). Prior authentication may or may not be
necessary.

A remote attacker can execute arbitrary Perl code to view and modify
any file the webserver user has access to.

Example:
http://www.example.com/do/view/Main/WebHome?debugenableplugins=BackupR
estorePlugin%3bprint('Content-Type:text/html\r\n\r\nVulnerable!')%3bex
it

The TWiki site is vulnerable if you see a page with text
'Vulnerable!'.

See also :

http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-7236
http://www.nessus.org/u?fd252f09

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 78816 ()

Bugtraq ID:

CVE ID: CVE-2014-7236

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now