CVE-2007-3193 - Unspecified vulnerability in PHPwiki
- Attack vector: UNKNOWN
- Attack complexity: UNKNOWN
- Privileges required: UNKNOWN
- Confidentiality impact: UNKNOWN
- Integrity impact: UNKNOWN
- Availability impact: UNKNOWN

phpwiki
nessus
Summary
lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, might allow remote attackers to bypass authentication via an empty password, which causes ldap_bind to return true when used with certain LDAP implementations.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
- NASL family: Gentoo Local Security Checks
  NASL id: GENTOO_GLSA-200709-10.NASL
  description: The remote host is affected by the vulnerability described in GLSA-200709-10 (PhpWiki: Authentication bypass). The PhpWiki development team reported an authentication error within the file lib/WikiUser/LDAP.php when binding to an LDAP server with an empty password. Impact: A remote attacker could provide an empty password when authenticating. Depending on the LDAP implementation used, this could bypass the PhpWiki authentication mechanism and grant the attacker access to the application. Workaround: There is no known workaround at this time.
  last seen: 2020-06-01
  modified: 2020-06-02
  plugin id: 26100
  published: 2007-09-24
  reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
  source: https://www.tenable.com/plugins/nessus/26100
  title: GLSA-200709-10 : PhpWiki: Authentication bypass
- NASL family: Debian Local Security Checks
  NASL id: DEBIAN_DSA-1371.NASL
  description: Several vulnerabilities have been discovered in phpWiki, a wiki engine written in PHP. The Common Vulnerabilities and Exposures project identifies the following problems:
    - CVE-2007-2024: It was discovered that phpWiki performs insufficient file name validation, which allows unrestricted file uploads.
    - CVE-2007-2025: It was discovered that phpWiki performs insufficient file name validation, which allows unrestricted file uploads.
    - CVE-2007-3193: If the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, phpWiki might allow remote attackers to bypass authentication via an empty password, which causes ldap_bind to return true when used with certain LDAP implementations.
  last seen: 2020-06-01
  modified: 2020-06-02
  plugin id: 26032
  published: 2007-09-14
  reporter: This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
  source: https://www.tenable.com/plugins/nessus/26032
  title: Debian DSA-1371-1 : phpwiki - several vulnerabilities
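The failure mode described in the Summary and in the plugin descriptions above, as an added PHP example (not PhpWiki's code and not the project's patch): a login that trusts the bind result alone, next to one that enforces a nonzero minimum password length before binding. The functions `fake_ldap_bind`, `login_vulnerable` and `login_hardened`, and the directory entry, are hypothetical; the stub stands in for `ldap_bind` against a server that treats a simple bind with an empty password as an unauthenticated bind (RFC 4513) and reports success.

```php
<?php
// Added example, not PhpWiki code. All function names here are hypothetical.

// Constructed stand-in for ldap_bind() against a server that accepts the
// RFC 4513 "unauthenticated" simple bind: a DN plus an empty password
// succeeds without the password ever being compared.
function fake_ldap_bind(string $dn, string $password): bool
{
    // Constructed sample directory entry.
    $directory = ['uid=alice,ou=people,dc=example,dc=org' => 'correct horse'];
    if ($password === '') {
        return true; // unauthenticated bind reported as success
    }
    return isset($directory[$dn]) && hash_equals($directory[$dn], $password);
}

// Pattern the advisory describes: the bind result alone decides the login.
function login_vulnerable(callable $bind, string $dn, string $password): bool
{
    return $bind($dn, $password);
}

// Hardened: reject empty or too-short passwords before any bind is attempted,
// independent of how the directory server treats empty credentials.
function login_hardened(callable $bind, string $dn, string $password, int $minLength = 1): bool
{
    $minLength = max(1, $minLength); // a configured 0 must not disable the check
    if ($dn === '' || strlen($password) < $minLength) {
        return false;
    }
    return $bind($dn, $password);
}

$dn = 'uid=alice,ou=people,dc=example,dc=org';
$cases = ['empty password' => '', 'wrong password' => 'guess', 'right password' => 'correct horse'];
foreach ($cases as $label => $pw) {
    printf("%-15s vulnerable=%-5s hardened=%s\n", $label,
        var_export(login_vulnerable('fake_ldap_bind', $dn, $pw), true),
        var_export(login_hardened('fake_ldap_bind', $dn, $pw), true));
}
```

Only the empty-password row differs between the two columns, which is the property to regression-test in any LDAP-backed login: the application must refuse the attempt itself rather than depend on the directory server's handling of empty credentials.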
References
- http://osvdb.org/37219
- http://secunia.com/advisories/25595
- http://secunia.com/advisories/26784
- http://secunia.com/advisories/26880
- http://security.gentoo.org/glsa/glsa-200709-10.xml
- http://sourceforge.net/project/shownotes.php?release_id=514820
- http://sourceforge.net/tracker/index.php?func=detail&aid=1732882&group_id=6121&atid=106121
- http://www.debian.org/security/2007/dsa-1371
- http://www.vupen.com/english/advisories/2007/2144
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34819