<?xml version="1.0" encoding="utf-8"?>
<glsa id="200710-21">
  <title>TikiWiki: Arbitrary command execution</title>
  <synopsis>
    TikiWiki contains a command injection vulnerability which may allow remote
    execution of arbitrary code.
  </synopsis>
  <product type="ebuild">tikiwiki</product>
  <announced>October 20, 2007</announced>
  <revised>October 20, 2007: 01</revised>
  <affected>
    <package name="www-apps/tikiwiki" auto="yes" arch="*">
      <unaffected range="ge"></unaffected>
      <vulnerable range="lt"></vulnerable>
    </package>
  </affected>
  <background>
    <p>
    TikiWiki is an open source content management system written in PHP.
    </p>
  </background>
  <description>
    <p>
    ShAnKaR reported that input passed to the "f" array parameter in
    tiki-graph_formula.php is not properly verified before being used to
    execute PHP functions.
    </p>
  </description>
  <impact type="high">
    <p>
    An attacker could execute arbitrary code with the rights of the user
    running the web server by passing a specially crafted parameter string
    to the tiki-graph_formula.php file.
    </p>
  </impact>
  <workaround>
    <p>
    There is no known workaround at this time.
    </p>
  </workaround>
  <resolution>
    <p>
    All TikiWiki users should upgrade to the latest version:
    </p>
    <code>
    # emerge --sync
    # emerge --ask --oneshot --verbose &quot;&gt;=www-apps/tikiwiki-;</code>
  </resolution>
  <references>
    <uri link="">CVE-2007-5423</uri>
  </references>
  <metadata tag="requester" timestamp="Sat, 13 Oct 2007 13:08:51 +0000"></metadata>
  <metadata tag="submitter" timestamp="Wed, 17 Oct 2007 22:20:02 +0000"></metadata>
  <metadata tag="bugReady" timestamp="Thu, 18 Oct 2007 18:49:04 +0000"></metadata>
</glsa>