Tiki Wiki CMS Groupware Plugin Snarf 'snarf_ajax.php' PHP Code Injection Vulnerability

Bugtraq ID:	51168
Class:	Input Validation Error
CVE:	CVE-2011-4558
Remote:	Yes
Local:	No
Published:	Dec 22 2011 12:00AM
Updated:	Dec 22 2011 12:00AM
Credit:	EgiX
Vulnerable:	Tiki Wiki CMS Groupware Tiki Wiki CMS/Groupware 8.1 Tiki Wiki CMS Groupware Tiki Wiki CMS/Groupware 7.2 Tiki Wiki CMS Groupware Tiki Wiki CMS Groupware 8.2 Tiki Wiki CMS Groupware Tiki Wiki CMS Groupware 7.0
Not Vulnerable:

Tiki Wiki CMS Groupware Plugin Snarf 'snarf_ajax.php' PHP Code Injection Vulnerability

Tiki Wiki CMS Groupware is prone to a remote PHP code-injection vulnerability.

An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the affected application. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.

Tiki Wiki CMS Groupware 8.2 and prior versions are vulnerable.

Tiki Wiki CMS Groupware Plugin Snarf 'snarf_ajax.php' PHP Code Injection Vulnerability

Attackers can exploit this issue through a browser.

The following example URI is available:

http://www.example.com/tiki-8.2/snarf_ajax.php?url=1&regexres=phpinfo()&regex=//e%00/

Tiki Wiki CMS Groupware Plugin Snarf 'snarf_ajax.php' PHP Code Injection Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Tiki Wiki CMS Groupware Plugin Snarf 'snarf_ajax.php' PHP Code Injection Vulnerability

References:

• Tiki Wiki CMS Groupware Homepage (Tiki Wiki CMS Groupware)