TikiWiki prior 1.8.2 multiple input validation vulnerabilities 2.0
 
Plugin ID180
Plugin nameTikiWiki prior 1.8.2 multiple input validation vulnerabilities
Plugin filenameTikiWiki prior 1.8.2 multiple input validation vulnerabilities.plugin
Plugin filesize3828 bytes
Plugin familyCGI
Plugin created nameMarc Ruef
Plugin created emailmarc dot ruef at computec dot ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2004/09/08
Plugin updated nameMarc Ruef
Plugin updated emailmarc dot ruef at computec dot ch
Plugin updated webhttp://www.computec.ch
Plugin updated companycomputec.ch
Plugin updated date2004/11/14
Plugin version2.0
Plugin changelogCorrected the plugin structure and added the accuracy values in 1.1. Improved the pattern matching and introduced the plugin changelog in 2.0
Plugin protocoltcp
Plugin port80
Plugin procedure detectionopen|send GET /tiki-index.php HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/#.# ### *This is Tiki v0. OR HTTP/#.# ### *This is Tiki v1.[0-7].* OR HTTP/#.# ### *This is Tiki v1.8.[0-2]*
Plugin detection accuracy80
Plugin commentCheck is inspired by the Nessus plugin. As I do know the different attacks I will perhaps develop dedicated plugins for every flaw. See the exploiting information for more technical details.
Bug published nameJeiAr
Bug published emailsecurity at gulftech dot org
Bug published webhttp://www.gulftech.org
Bug published companyGulfTech Security Research Team
Bug published date2004/04/12
Bug advisoryhttp://www.gulftech.org/04112004.php
Bug affectedTikiWiki prior 1.8.2
Bug not affectedTikiWiki newer than 1.8.2 or other solutions
Bug vulnerability classConfiguration
Bug descriptionThe remote host is running Tiki Wiki, a content management system written in PHP. There are several input validation vulnerabilities in version prior 1.8.2. These bugs may allow a remote attacker to carry out various attacks such as path disclosure, cross-site scripting, HTML injection, SQL injection, directory traversal, and arbitrary file upload.
Bug solutionYou should install or upgrade the software to the latest version. See http://www.tikiwiki.org for more details. Also limit unwanted connections and communications with firewalling if possible.
Bug fixing timeApprox. 1 hour
Bug exploit availabilityYes
Bug exploit urlhttp://www.securityfocus.com/bid/10100/exploit/
Bug remoteYes
Bug localYes
Bug severityHigh
Bug popularity6
Bug simplicity8
Bug impact9
Bug risk8
Bug Nessus riskHigh
Bug check toolsNessus is able to do the same check. The flaws are very well documented in the Bugtraq posting and at http://www.securityfocus.com/bid/10100/exploit/
Source SecurityFocus BID10100
Source Nessus ID14364
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.securityfocus.com/archive/1/360127

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.