Detections
Analytics

FreeBSD : ikiwiki -- multiple vulnerabilities (5ed094a0-0150-11e7-ae1b-002590263bf5)

high Nessus Plugin ID 97544

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Mitre reports :

ikiwiki 3.20161219 does not properly check if a revision changes the access permissions for a page on sites with the git and recentchanges plugins and the CGI interface enabled, which allows remote attackers to revert certain changes by leveraging permissions to change the page before the revision was made.

When CGI::FormBuilder->field('foo') is called in list context (and in particular in the arguments to a subroutine that takes named arguments), it can return zero or more values for foo from the CGI request, rather than the expected single value. This breaks the usual Perl parsing convention for named arguments, similar to CVE-2014-1572 in Bugzilla (which was caused by a similar API design issue in CGI.pm).

Solution

Update the affected package.

See Also

https://ikiwiki.info/security/#index46h2

https://ikiwiki.info/security/#index47h2

http://www.nessus.org/u?39a51429

Plugin Details

Severity: High

ID: 97544

File Name: freebsd_pkg_5ed094a0015011e7ae1b002590263bf5.nasl

Version: 3.3

Type: local

Published: 3/6/2017

Updated: 1/4/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:ikiwiki, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 3/5/2017

Vulnerability Publication Date: 12/19/2016

Reference Information

CVE: CVE-2016-10026, CVE-2016-9645, CVE-2016-9646