SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Forum/Board/Portal)  >   DokuWiki Vendors:   splitbrain.org
DokuWiki Access Control Flaws May Let Remote Users Access Functions
SecurityTracker Alert ID:  1011802
SecurityTracker URL:  http://securitytracker.com/id/1011802
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Oct 20 2004
Impact:   User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 2004-10-19
Description:   A vulnerability was reported in DokuWiki. A remote user may be able to access certain functions.

The vendor reported that several scripts do not properly enforce the access control list. Affected functions include recent changes, feed, search, and mediaselectiondialog.

Impact:   A remote user may be able to access some functions without authorization.
Solution:   The vendor has released a fixed version (2004-10-19), available at:

http://www.splitbrain.org/Programming/PHP/DokuWiki/dokuwiki-2004-10-19.tgz

Vendor URL:  www.splitbrain.org/dokuwiki/index.php (Links to External Site)
Cause:   Access control error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC