First published: Wed Sep 17 2008(Updated: )
Directory traversal vulnerability in bin/configure in TWiki before 4.2.3, when a certain step in the installation guide is skipped, allows remote attackers to read arbitrary files via a query string containing a .. (dot dot) in the image variable, and execute arbitrary files via unspecified vectors.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Twiki Twiki | =4.1.1 | |
Twiki Twiki | =4.0.1 | |
Twiki Twiki | =4.0.3 | |
Twiki Twiki | =4.0.4 | |
Twiki Twiki | =4.0 | |
Twiki Twiki | <=4.2.2 | |
Twiki Twiki | =4.2.1 | |
Twiki Twiki | =4.2.0 | |
Twiki Twiki | =4.0.0 | |
Twiki Twiki | =4.1.0 | |
Twiki Twiki | =4.0.2 | |
Twiki Twiki | =4.0.5 | |
Twiki Twiki | =4.1.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.