From: Reini U. <ru...@x-...> - 2005-03-31 07:15:47
|
Thomas Kristensen schrieb: > In the recent changelog for PhpWiki you describe two security issues. > http://sourceforge.net/project/shownotes.php?release_id=315974 > > I would like some details about who and how this could be exploited, > also I would like to know if any mitigating factors apply. problem from 1.3.10 - 1.3.11 * security fix for create ACL: action=edit is now checked for create" If someone edits the ACL to let someone edit but not create a page, and if someone creates a page by using the edit button, the create ACL was not ignored. * fixed possible security problems: allowing only posixly strict usernames, and an actual LDAP Injection problem, detected by Steve Christey, MITRE. LDAP auth could have been exploited by using wildcards as the username. See the MITRE report about that. (Sorry, no link) -- Reini Urban http://xarch.tu-graz.ac.at/home/rurban http://phpwiki.org |