[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ MDVSA-2015:185 ] dokuwiki



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:185
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : dokuwiki
 Date    : March 31, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated dokuwiki packages fix security vulnerabilities:
 
 inc/template.php in DokuWiki before 2014-05-05a only checks for
 access to the root namespace, which allows remote attackers to access
 arbitrary images via a media file details ajax call (CVE-2014-8761).
 
 The ajax_mediadiff function in DokuWiki before 2014-05-05a allows
 remote attackers to access arbitrary images via a crafted namespace
 in the ns parameter (CVE-2014-8762).
 
 DokuWiki before 2014-05-05b, when using Active Directory for LDAP
 authentication, allows remote attackers to bypass authentication via
 a password starting with a null (\0) character and a valid user name,
 which triggers an unauthenticated bind (CVE-2014-8763).
 
 DokuWiki 2014-05-05a and earlier, when using Active Directory for
 LDAP authentication, allows remote attackers to bypass authentication
 via a user name and password starting with a null (\0) character,
 which triggers an anonymous bind (CVE-2014-8764).
 
 dokuwiki-2014-09-29a allows swf (application/x-shockwave-flash)
 uploads by default. This may be used for Cross-site scripting (XSS)
 attack which enables attackers to inject client-side script into Web
 pages viewed by other users. (CVE-2014-9253).
 
 The dokuwiki-2014-09-29b hotfix source disables swf uploads by default
 and fixes the CVE-2014-9253 issue.
 
 DokuWiki before 20140929c has a security issue in the ACL plugins
 remote API component. The plugin failed to check for superuser
 permissions before executing ACL addition or deletion. This means
 everybody with permissions to call the XMLRPC API also had permissions
 to set up their own ACL rules and thus circumventing any existing rules
 (CVE-2015-2172).
 
 DokuWiki before 20140929d is vulnerable to a cross-site scripting
 (XSS) issue in the user manager. The user's details were not properly
 escaped in the user manager's edit form. This allows a registered user
 to edit her own name (using the change profile option) to include
 malicious JavaScript code. The code is executed when a super user
 tries to edit the user via the user manager.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8761
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8762
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8763
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8764
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9253
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2172
 http://advisories.mageia.org/MGASA-2014-0438.html
 http://advisories.mageia.org/MGASA-2014-0540.html
 http://advisories.mageia.org/MGASA-2015-0093.html
 http://advisories.mageia.org/MGASA-2015-0118.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Business Server 1/X86_64:
 a5f686823559e7dd1a39942e94f72a33  mbs1/x86_64/dokuwiki-20140929-1.4.mbs1.noarch.rpm 
 b38f45a6dc38c67d534d52db2c84b919  mbs1/SRPMS/dokuwiki-20140929-1.4.mbs1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/en/support/security/advisories/

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFVGmTimqjQ0CJFipgRAka7AKDNhVCVHbKzCkQ7hK+ho98oGr+7zgCdF9yd
0zXiuJ/6Q3A/o5IXUWq6SAk=
=DEys
-----END PGP SIGNATURE-----