Vulnerabilities > CVE-2009-2944 - Information Disclosure vulnerability in ikiwiki 'teximg' Plugin Insecure TeX Commands
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Incomplete blacklist vulnerability in the teximg plugin in ikiwiki before 3.1415926 and 2.x before 2.53.4 allows context-dependent attackers to read arbitrary files via crafted TeX commands.
Vulnerable Configurations
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2009-9244.NASL description Fix CVE-2009-2944, see bz 520543. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 40951 published 2009-09-14 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/40951 title Fedora 11 : ikiwiki-3.1415926-1.fc11 (2009-9244) NASL family Fedora Local Security Checks NASL id FEDORA_2009-9254.NASL description Fix CVE-2009-2944, see bz 520543. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 40952 published 2009-09-14 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/40952 title Fedora 10 : ikiwiki-2.72-2.fc10 (2009-9254) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1875.NASL description Josh Triplett discovered that the blacklist for potentially harmful TeX code of the teximg module of the Ikiwiki wiki compiler was incomplete, resulting in information disclosure. last seen 2020-06-01 modified 2020-06-02 plugin id 44740 published 2010-02-24 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/44740 title Debian DSA-1875-1 : ikiwiki - missing input sanitising NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_6E8F54AFA07D11DEA649000C2955660F.NASL description The IkiWiki development team reports : IkiWikis teximg plugin last seen 2020-06-01 modified 2020-06-02 plugin id 40957 published 2009-09-14 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/40957 title FreeBSD : ikiwiki -- insufficient blacklisting in teximg plugin (6e8f54af-a07d-11de-a649-000c2955660f)
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 36181 CVE(CAN) ID: CVE-2009-2944 Ikiwiki是一个wiki编译器,可将wiki页面转换为可在网站发布的HTML页面。 Ikiwiki的teximg插件没有正确地将不安全的TeX命令加入到黑名单,本地攻击者可以使用这个命令读取系统上的任意文件内容。 ikiwiki 2.x 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1875-1)以及相应补丁: DSA-1875-1:New ikiwiki packages fix information disclosure 链接:http://www.debian.org/security/2009/dsa-1875 补丁下载: Source archives: http://security.debian.org/pool/updates/main/i/ikiwiki/ikiwiki_2.53.4.tar.gz Size/MD5 checksum: 768022 d2ab889b5aa29ed5c4910aebc5d10c82 http://security.debian.org/pool/updates/main/i/ikiwiki/ikiwiki_2.53.4.dsc Size/MD5 checksum: 1095 d4c29cc8a5c5e57bf73dff92738d2383 Architecture independent packages: http://security.debian.org/pool/updates/main/i/ikiwiki/ikiwiki_2.53.4_all.deb Size/MD5 checksum: 911086 6eac3777f3b38bc7e7a4a53571440b6e 补丁安装方法: 1. 手工安装补丁包: 首先,使用下面的命令来下载补丁软件: # wget url (url是补丁下载链接地址) 然后,使用下面的命令来安装补丁: # dpkg -i file.deb (file是相应的补丁名) 2. 使用apt-get自动安装补丁包: 首先,使用下面的命令更新内部数据库: # apt-get update 然后,使用下面的命令安装更新软件包: # apt-get upgrade ikiwiki ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://ftp.de.debian.org/debian/pool/main/i/ikiwiki/ikiwiki_3.1415926.tar.gz http://security.debian.org/pool/updates/main/i/ikiwiki/ikiwiki_2.53.4_all.deb |
| id | SSV:12171 |
| last seen | 2017-11-19 |
| modified | 2009-09-02 |
| published | 2009-09-02 |
| reporter | Root |
| title | ikiwiki teximg插件不安全TeX命令信息泄露漏洞 |
References
- http://ikiwiki.info/security/#index35h2
- http://osvdb.org/57575
- http://secunia.com/advisories/36516
- http://secunia.com/advisories/36539
- http://www.debian.org/security/2009/dsa-1875
- http://www.securityfocus.com/bid/36181
- http://www.vupen.com/english/advisories/2009/2475
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52922