Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200711-19 (tikiwiki)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.59239

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200711-19 (tikiwiki)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing updates announced in
advisory GLSA 200711-19.

Multiple vulnerabilities have been discovered in TikiWiki, possibly
resulting in the remote execution of arbitrary code.

Solution:
All TikiWiki users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=www-apps/tikiwiki-1.9.8.3'

http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200711-19
http://bugs.gentoo.org/show_bug.cgi?id=195503
http://www.gentoo.org/security/en/glsa/glsa-200710-21.xml

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-5423
BugTraq ID: 26006
http://www.securityfocus.com/bid/26006
Bugtraq: 20071010 Vulnerabilities digest (Google Search)
http://www.securityfocus.com/archive/1/482006/100/0/threaded
Bugtraq: 20071011 Tikiwiki 1.9.8 exploit ITW (Google Search)
http://www.securityfocus.com/archive/1/482128/100/0/threaded
https://www.exploit-db.com/exploits/4509
http://www.gentoo.org/security/en/glsa/glsa-200710-21.xml
http://bugs.gentoo.org/show_bug.cgi?id=195503
http://securityvulns.ru/Sdocument162.html
http://osvdb.org/40478
http://secunia.com/advisories/27190
http://secunia.com/advisories/27344
http://securityreason.com/securityalert/3216
http://www.vupen.com/english/advisories/2007/3492
XForce ISS Database: tikiwiki-tikigraphformula-command-execution(37076)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37076
Common Vulnerability Exposure (CVE) ID: CVE-2007-5682
BugTraq ID: 26220
http://www.securityfocus.com/bid/26220
Bugtraq: 20071029 Advisory SE-2007-01: TikiWiki Remote PHP Code Evaluation Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/482908
http://www.sektioneins.de/advisories/SE-2007-01.txt
http://osvdb.org/43610

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.59239
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200711-19 (tikiwiki)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory GLSA 200711-19. Multiple vulnerabilities have been discovered in TikiWiki, possibly resulting in the remote execution of arbitrary code. Solution: All TikiWiki users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-apps/tikiwiki-1.9.8.3' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200711-19 http://bugs.gentoo.org/show_bug.cgi?id=195503 http://www.gentoo.org/security/en/glsa/glsa-200710-21.xml CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-5423 BugTraq ID: 26006 http://www.securityfocus.com/bid/26006 Bugtraq: 20071010 Vulnerabilities digest (Google Search) http://www.securityfocus.com/archive/1/482006/100/0/threaded Bugtraq: 20071011 Tikiwiki 1.9.8 exploit ITW (Google Search) http://www.securityfocus.com/archive/1/482128/100/0/threaded https://www.exploit-db.com/exploits/4509 http://www.gentoo.org/security/en/glsa/glsa-200710-21.xml http://bugs.gentoo.org/show_bug.cgi?id=195503 http://securityvulns.ru/Sdocument162.html http://osvdb.org/40478 http://secunia.com/advisories/27190 http://secunia.com/advisories/27344 http://securityreason.com/securityalert/3216 http://www.vupen.com/english/advisories/2007/3492 XForce ISS Database: tikiwiki-tikigraphformula-command-execution(37076) https://exchange.xforce.ibmcloud.com/vulnerabilities/37076 Common Vulnerability Exposure (CVE) ID: CVE-2007-5682 BugTraq ID: 26220 http://www.securityfocus.com/bid/26220 Bugtraq: 20071029 Advisory SE-2007-01: TikiWiki Remote PHP Code Evaluation Vulnerability (Google Search) http://www.securityfocus.com/archive/1/482908 http://www.sektioneins.de/advisories/SE-2007-01.txt http://osvdb.org/43610
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com