Updated dokuwiki packages fix security vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions.
Vulnerabilities: Bypassing a security policy in DokuWiki
Danger level: Middle
Availability fixes: Yes
Number of vulnerabilities: 4
CVSSv2 Rating:
(AV: N / AC: M / Au: N / C: P / I: P / A: N / E: U / RL: O / RC: C) = Base: 5.8 / Temporal: 4.3
(AV: N / AC: L / Au: N / C: P / I: N / A: N) = Base Score: 5.0
CVE ID: CVE-2014-8761; CVE-2014-8762, CVE-2014-8763, CVE-2014-8764
Vector of operation: Remote
Impact: Bypassing a security policy, unauthorized disclosure of information
Affected products: DokuWiki
Affected versions: DokuWiki version to 2014-05-05a
Description:
The vulnerabilities allows malicious people to bypass certain security restrictions.
The vulnerability is due to the fact that the application does not properly validate access rights. This can be exploited to bypass security restrictions and disclose sensitive information.
1. [CVE-2014-8761: vulnerability] – inc/template.php in DokuWiki before 2014-05-05a only checks for access to the root namespace, which allows remote attackers to access arbitrary images via a media file details ajax call.
2. [CVE-2014-8762: vulnerability] – the ajax_mediadiff function in DokuWiki before 2014-05-05a allows remote attackers to access arbitrary images via a crafted namespace in the ns parameter.
3. [CVE-2014-8763: vulnerability] – allows remote attackers to bypass authentication via a password starting with a null () character and a valid user name, which triggers an unauthenticated bind.
4. [CVE-2014-8764: vulnerability] – allows remote attackers to bypass authentication via a user name and password starting with a null () character.
Solution: Install the latest version 2014-05-05a from the manufacturer.
References:
https://www.dokuwiki.org/changes
https://github.com/splitbrain/dokuwiki/issues/765
Manufacturer URL: http://wiki.splitbrain.org/wiki:dokuwiki