AlphaOne Technology Support Forums
Welcome, Guest. Please login or register.
January 07, 2009, 12:17:11 PM

Login with username, password and session length
Search:     Advanced search
1733 Posts in 827 Topics by 5327 Members
Latest Member: koliangoodsb
* Home Help Search Login Register
AlphaOne Technology Support Forums  |  IMPORTANT ANNOUNCEMENTS  |  Security Announcements  |  Topic: TikiWiki XML-RPC Library Remote Code Execution Vulnerability 0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: TikiWiki XML-RPC Library Remote Code Execution Vulnerability  (Read 472 times)
Brad
SysAdmin
Tech Team
Hero Member
********
Offline Offline

Posts: 391



View Profile
TikiWiki XML-RPC Library Remote Code Execution Vulnerability
« on: July 06, 2005, 05:27:17 PM »
* Technical Description *

A vulnerability was identified in TikiWiki, which could be exploited by remote attackers to execute arbitrary commands. This flaw is due to an input validation error in the Pear XML-RPC library, which could be exploited by attackers to execute arbitrary commands and compromise a vulnerable web server. For additional information, see : FrSIRT/ADV-2005-0911

 * Affected Products *

TikiWiki version 1.8.5 and prior

 * Solution *

Disable the XML-RPC support.

The FrSIRT is not aware of any official supplied patch for this issue.

 * References *

http://www.frsirt.com/english/advisories/2005/0985
http://www.gentoo.org/security/en/glsa/glsa-200507-06.xml
Logged
Mambo Hosting Resources
Pages: [1] Go Up Print 
AlphaOne Technology Support Forums  |  IMPORTANT ANNOUNCEMENTS  |  Security Announcements  |  Topic: TikiWiki XML-RPC Library Remote Code Execution Vulnerability « previous next »
Jump to:  

Powered by MySQL Powered by PHP AlphaOne Technology Support Forums | Powered by SMF 1.0.7.
© 2001-2005, Lewis Media. All Rights Reserved. 		Valid XHTML 1.0! Valid CSS!