Speedywiki Multiple Input Validation Vulnerabilities
BID:20976
Info
Speedywiki Multiple Input Validation Vulnerabilities
| Bugtraq ID: | 20976 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 08 2006 12:00AM |
| Updated: | Jan 26 2007 04:59PM |
| Credit: | Laurent Gaffi & Benjamin Moss are credited with the discovery of these vulnerabilities. |
| Vulnerable: |
Speedywiki Speedywiki 2.1 Speedywiki Speedywiki 2.0 |
| Not Vulnerable: |
Speedywiki Speedywiki 2.2 |
Discussion
Speedywiki Multiple Input Validation Vulnerabilities
Speedywiki is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. These issues include an arbitrary file-upload vulnerability and a cross-site scripting vulnerability.
An attacker may leverage these issues to upload and execute arbitrary code within the context of the affected webserver and to steal cookie-based authentication credentials. Other attacks are also possible.
Versions prior to 2.2 is vulnerable to this issue.
Speedywiki is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. These issues include an arbitrary file-upload vulnerability and a cross-site scripting vulnerability.
An attacker may leverage these issues to upload and execute arbitrary code within the context of the affected webserver and to steal cookie-based authentication credentials. Other attacks are also possible.
Versions prior to 2.2 is vulnerable to this issue.
Exploit / POC
Speedywiki Multiple Input Validation Vulnerabilities
Attackers can exploit the cross-site scripting issue by enticing a victim to follow a malicious URI.
Attackers can exploit the arbitrary file-upload issue through a web client.
The following proof-of-concept URIs are available:
http://www.example.com/index.php?showRevisions=[xss]
Attackers can exploit the cross-site scripting issue by enticing a victim to follow a malicious URI.
Attackers can exploit the arbitrary file-upload issue through a web client.
The following proof-of-concept URIs are available:
http://www.example.com/index.php?showRevisions=[xss]
Solution / Fix
Speedywiki Multiple Input Validation Vulnerabilities
Solution:
The vendor released an update to address this issue. Please see the references for more information.
Solution:
The vendor released an update to address this issue. Please see the references for more information.
References
Speedywiki Multiple Input Validation Vulnerabilities
References:
References:
- Speedywiki Release Notes Version 2.2. (Speedywiki)
- Vendor Home Page (Speedywiki)
- Speedwiki 2.0 Arbitrary File Upload Vulnerability ([email protected])