TWiki Privilege Escalation

High Nessus Network Monitor Plugin ID 3657

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote host is running the TWiki web application. This version of TWiki is vulnerable to a flaw where users can escalate their privileges, giving them administrative rights to the application. A valid user account is required in order to exploit this flaw. Successful exploitation leads to the attacker gaining administrative access. This can lead to a loss of confidentiality, integrity, and availability. In addition, the remote TWiki application is vulnerable to a 'file upload' flaw. An attacker exploiting this flaw would be able to insert and execute arbitrary script code with the permissions of the web server process. This can also lead to a loss of confidentiality, integrity, and availability.

Solution

Upgrade or patch according to vendor recommendations.

See Also

http://twiki.org/cgi-bin/view/Codev/SecurityAlertTWiki4PrivilegeElevation#Hotfix_for_TWiki_4_0_0_4_0_1_and

Plugin Details

Severity: High

ID: 3657

File Name: 3657.prm

Family: CGI

Published: 2006/06/19

Modified: 2016/01/15

Dependencies: 1442

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Reference Information

CVE: CVE-2006-4294, CVE-2006-3819, CVE-2006-3336, CVE-2006-2942

BID: 18506, 18854, 19188, 19907

OSVDB: 27081, 28603