Vulnerabilities > CVE-2005-2877 - Remote Arbitrary Command Execution vulnerability in TWiki TWikiUsers

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

twiki

nessus

exploit available

metasploit

NVD

Published: 2005-09-16

Updated: 2016-10-18

Summary

The history (revision control) function in TWiki 02-Sep-2004 and earlier allows remote attackers to execute arbitrary code via shell metacharacters, as demonstrated via the rev parameter to TWikiUsers.

Vulnerable Configurations

Part	Description	Count
Application	Twiki Twiki Twiki 2000-12-01 Twiki Twiki 2001-12-01 Twiki Twiki 2003-02-01 Twiki Twiki 2004-09-01 Twiki Twiki 2004-09-02	5

Exploit-Db

description	TWiki History TWikiUsers rev Parameter Command Execution. CVE-2005-2877. Webapps exploit for php platform
id	EDB-ID:16892
last seen	2016-02-02
modified	2010-07-03
published	2010-07-03
reporter	metasploit
source	https://www.exploit-db.com/download/16892/
title	TWiki History TWikiUsers rev Parameter Command Execution

description	TWiki TWikiUsers INCLUDE Function Remote Arbitrary Command Execution Vulnerability. CVE-2005-2877. Webapps exploit for php platform
id	EDB-ID:26302
last seen	2016-02-03
modified	2005-09-28
published	2005-09-28
reporter	JChristophFuchs
source	https://www.exploit-db.com/download/26302/
title	TWiki TWikiUsers INCLUDE Function Remote Arbitrary Command Execution Vulnerability

Metasploit

description	This module exploits a vulnerability in the history component of TWiki. By passing a 'rev' parameter containing shell metacharacters to the TWikiUsers script, an attacker can execute arbitrary OS commands.
id	MSF:EXPLOIT/UNIX/WEBAPP/TWIKI_HISTORY
last seen	2020-02-29
modified	2017-07-24
published	2010-02-21
references	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2877 http://twiki.org/cgi-bin/view/Codev/SecurityAlertExecuteCommandsWithRev
reporter	Rapid7
source	https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/unix/webapp/twiki_history.rb
title	TWiki History TWikiUsers rev Parameter Command Execution

Nessus

NASL family	CGI abuses
NASL id	TWIKI_REV_CMD_EXEC.NASL
description	The version of TWiki running on the remote host allows an attacker to manipulate input to the
last seen	2020-06-01
modified	2020-06-02
plugin id	19704
published	2005-09-15
reporter	This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/19704
title	TWiki 'rev' Parameter Arbitrary Command Execution

Packetstorm

data source	https://packetstormsecurity.com/files/download/86538/twiki_history.rb.txt
id	PACKETSTORM:86538
last seen	2016-12-05
published	2010-02-23
reporter	B4dP4nd4
source	https://packetstormsecurity.com/files/86538/TWiki-History-TWikiUsers-rev-Parameter-Command-Execution.html
title	TWiki History TWikiUsers rev Parameter Command Execution

Saint

bid	14834
description	TWiki revision control shell command injection
id	web_prog_cgi_twikirev
osvdb	19403
title	twiki_rev
type	remote

Summary

Vulnerable Configurations

Exploit-Db

Metasploit

Nessus

Packetstorm

Saint

References