|
|
|
|
| |
MoniWiki is "a wiki web application used by many Korean Linux users. However, an input validation flaw can cause malicious attackers to run arbitrary commands with the privilege of the HTTPD process, which is typically run as the nobody user".
Due to improper testing of incoming files, MoniWiki's files upload mechanism can be used to execute arbitrary code on the remote server (by uploading a PHP file, Perl scripts, etc). |
| |
Credit:
The information has been provided by SSR Team.
|
| |
Vulnerable Systems:
* MoniWiki version 1.0.9.2 and prior
MoniWiki doesn't implemented in "UploadFile.php" a check for multiple extensions in the files it receives as uploads (e.g. attack.php.hwp). Therefore a malicious attacker can upload an arbitrary script files (with the extension of PHP, PL, CGI, etc) to a web server.
This vulnerability allows an attacker to cause the execution of arbitrary code whenever the Apache's MIME module (mod_mime) is in use. As Appache's MIME module regards attack.php.hwp as a normal PHP file and execute the file through mod_php module with the privilege of the HTTPD process.
Solution:
A patch is available for the UploadFile.php file from: http://kldp.net/forum/forum.php?forum_id=2085
|
|
|
|
|
