Anyone knows if this vulnerability can be avoided by unchecking the 'XMLRPC API' option form the user features options, Thanks in advance. Gonzalo On 8/24/05, Thierry Carrez <koon@xxxxxxxxxx> wrote: > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > Gentoo Linux Security Advisory GLSA 200508-14 > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > http://security.gentoo.org/ > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > Severity: High > Title: TikiWiki, eGroupWare: Arbitrary command execution through > XML-RPC > Date: August 24, 2005 > Bugs: #102374, #102377 > ID: 200508-14 > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > Synopsis > ======== > > TikiWiki and eGroupWare both include PHP XML-RPC code vulnerable to > arbitrary command execution. > > Background > ========== > > TikiWiki is a full featured Free Software Wiki, CMS and Groupware > written in PHP. eGroupWare is a web-based collaboration software suite. > Both TikiWiki and eGroupWare include a PHP library to handle XML-RPC > requests. > > Affected packages > ================= > > ------------------------------------------------------------------- > Package / Vulnerable / Unaffected > ------------------------------------------------------------------- > 1 www-apps/tikiwiki < 1.8.5-r2 >= 1.8.5-r2 > 2 www-apps/egroupware < 1.0.0.009 >= 1.0.0.009 > ------------------------------------------------------------------- > 2 affected packages on all of their supported architectures. > ------------------------------------------------------------------- > > Description > =========== > > The XML-RPC library shipped in TikiWiki and eGroupWare improperly > handles XML-RPC requests and responses with malformed nested tags. > > Impact > ====== > > A remote attacker could exploit this vulnerability to inject arbitrary > PHP script code into eval() statements by sending a specially crafted > XML document to TikiWiki or eGroupWare. > > Workaround > ========== > > There is no known workaround at this time. > > Resolution > ========== > > All TikiWiki users should upgrade to the latest version: > > # emerge --sync > # emerge --ask --oneshot --verbose ">=www-apps/tikiwiki-1.8.5-r2" > > All eGroupWare users should upgrade to the latest version: > > # emerge --sync > # emerge --ask --oneshot --verbose ">=www-apps/egroupware-1.0.0.009" > > References > ========== > > [ 1 ] CAN-2005-2498 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498 > > Availability > ============ > > This GLSA and any updates to it are available for viewing at > the Gentoo Security Website: > > http://security.gentoo.org/glsa/glsa-200508-14.xml > > Concerns? > ========= > > Security is a primary focus of Gentoo Linux and ensuring the > confidentiality and security of our users machines is of utmost > importance to us. Any security concerns should be addressed to > security@xxxxxxxxxx or alternatively, you may file a bug at > http://bugs.gentoo.org. > > License > ======= > > Copyright 2005 Gentoo Foundation, Inc; referenced text > belongs to its owner(s). > > The contents of this document are licensed under the > Creative Commons - Attribution / Share Alike license. > > http://creativecommons.org/licenses/by-sa/2.0 > > > >
