Short Name | HTTP:CGI:TWIKI-SEARCH-CMD-EXEC |
---|---|
Severity | Major |
Recommended | No |
Recommended Action | Drop |
Category | HTTP |
Keywords | TWiki Search Module Remote Command Execution |
Release Date | 2005/02/23 |
Update Number | 1213 |
Supported Platforms | idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |

This signature detects attempts to exploit a known vulnerability in TWiki, a Web-based collaboration application. Because the TWiki search function does not properly check a search string for shell metacharacters, attackers can create a search string containing quotes and shell commands, enabling them to execute arbitrary code with Web server privileges. When TWiki access is unrestricted, attackers are not required to authenticate before using the search function.

TWiki is reported prone to a shell metacharacter remote command execution vulnerability. This issue may allow an attacker to gain unauthorized access to a vulnerable computer by executing arbitrary commands. TWiki 20030201 is reported vulnerable to this issue; however, it is likely that other versions are affected as well.