6.5 - MDVSA-2015:185

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Informations
Name	MDVSA-2015:185	First vendor Publication	2015-03-31
Vendor	Mandriva	Last vendor Modification	2015-03-31
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:P/I:P/A:P)
Cvss Base Score	6.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	8	Authentication	Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Updated dokuwiki packages fix security vulnerabilities:

inc/template.php in DokuWiki before 2014-05-05a only checks for access to the root namespace, which allows remote attackers to access arbitrary images via a media file details ajax call (CVE-2014-8761).

The ajax_mediadiff function in DokuWiki before 2014-05-05a allows remote attackers to access arbitrary images via a crafted namespace in the ns parameter (CVE-2014-8762).

DokuWiki before 2014-05-05b, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a password starting with a null (\0) character and a valid user name, which triggers an unauthenticated bind (CVE-2014-8763).

DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a user name and password starting with a null (\0) character, which triggers an anonymous bind (CVE-2014-8764).

dokuwiki-2014-09-29a allows swf (application/x-shockwave-flash) uploads by default. This may be used for Cross-site scripting (XSS) attack which enables attackers to inject client-side script into Web pages viewed by other users. (CVE-2014-9253).

The dokuwiki-2014-09-29b hotfix source disables swf uploads by default and fixes the CVE-2014-9253 issue.

DokuWiki before 20140929c has a security issue in the ACL plugins remote API component. The plugin failed to check for superuser permissions before executing ACL addition or deletion. This means everybody with permissions to call the XMLRPC API also had permissions to set up their own ACL rules and thus circumventing any existing rules (CVE-2015-2172).

DokuWiki before 20140929d is vulnerable to a cross-site scripting (XSS) issue in the user manager. The user's details were not properly escaped in the user manager's edit form. This allows a registered user to edit her own name (using the change profile option) to include malicious JavaScript code. The code is executed when a super user tries to edit the user via the user manager.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2015:185

CWE : Common Weakness Enumeration

%	Id	Name
33 %	CWE-287	Improper Authentication
33 %	CWE-200	Information Exposure
17 %	CWE-284	Access Control (Authorization) Issues
17 %	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:28267

Oval ID:	oval:org.mitre.oval:def:28267
Title:	DSA-3059-1 -- dokuwiki security update
Description:	Two vulnerabilities have been discovered in dokuwiki. Access control in the media manager was insufficiently restricted and authentication could be bypassed when using Active Directory for LDAP authentication.
Family:	unix	Class:	patch
Reference(s):	DSA-3059-1 CVE-2014-8761 CVE-2014-8762 CVE-2014-8763 CVE-2014-8764	Version:	3
Platform(s):	Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0	Product(s):	dokuwiki
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND dokuwiki is earlier than 0:0.0.20120125b-2+deb7u1

CPE : Common Platform Enumeration

Type	Description	Count
Application	Dokuwiki cpe:2.3:a:dokuwiki:dokuwiki:2009-12-25c:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2009-02-14b:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2009-02-14:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2008-05-05:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2007-06-26:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2006-11-06:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2006-06-04:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2006-03-09e:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2006-03-09:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2006-03-05:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2005-09-22:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2005-09-19:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2005-07-13:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2005-07-01:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2005-05-07:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2005-02-18:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2005-02-06:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2005-01-16a:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2005-01-15:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2005-01-14:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2004-11-10:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2004-11-02:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2004-11-01:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2004-09-30:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2004-09-25:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2004-09-12:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2004-08-22:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2004-08-15a:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2004-08-08:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2004-07-25:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2004-07-21:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2004-07-12:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2004-07-07:::::::* cpe:2.3:a:dokuwiki:dokuwiki:2004-07-04:::::::* cpe:2.3:a:dokuwiki:dokuwiki:rc2009-02-06:::::::* cpe:2.3:a:dokuwiki:dokuwiki:rc2009-01-30:::::::* cpe:2.3:a:dokuwiki:dokuwiki:::::::: cpe:2.3:a:dokuwiki:dokuwiki:-:::::::*	38
Os	Mageia cpe:2.3:o:mageia:mageia:4.0:::::::*	1
Os	Mageia Project Mageia cpe:2.3:o:mageia_project:mageia:4.0:::::::* cpe:2.3:o:mageia_project:mageia:3.0:::::::*	2

Nessus® Vulnerability Scanner

Date	Description
2015-04-01	Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2015-185.nasl - Type : ACT_GATHER_INFO
2015-03-27	Name : The remote Fedora host is missing a security update. File : fedora_2015-3079.nasl - Type : ACT_GATHER_INFO
2015-03-27	Name : The remote Fedora host is missing a security update. File : fedora_2015-3186.nasl - Type : ACT_GATHER_INFO
2015-03-27	Name : The remote Fedora host is missing a security update. File : fedora_2015-3211.nasl - Type : ACT_GATHER_INFO
2015-03-26	Name : The remote Debian host is missing a security update. File : debian_DLA-79.nasl - Type : ACT_GATHER_INFO
2014-10-30	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3059.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2015-04-02 13:28:09	Multiple Updates
2015-03-31 21:30:57	Multiple Updates
2015-03-31 13:25:57	First insertion

Global Informations

Type	Count
CWE ID(s)	6
Oval ID(s)	1
CPE ID(s)	41
Nessus® Exploit(s)	6

	Related
6.5	CVE-2015-2172
5	CVE-2014-8764
5	CVE-2014-8763
5	CVE-2014-8762
5	CVE-2014-8761
4.3	CVE-2014-9253
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 6 more Alert(s)

6.5 - MDVSA-2015:185

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU