Vulnerabilities > CVE-2012-6330 - Numeric Errors vulnerability in multiple products

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

twiki

foswiki

CWE-189

nessus

exploit available

metasploit

NVD

Published: 2013-01-04

Updated: 2016-11-28

Summary

The localization functionality in TWiki before 5.1.3, and Foswiki 1.0.x through 1.0.10 and 1.1.x through 1.1.6, allows remote attackers to cause a denial of service (memory consumption) via a large integer in a %MAKETEXT% macro.

Vulnerable Configurations

Part	Description	Count
Application	Twiki Twiki Twiki 5.1.0 Twiki Twiki 5.1.1 Twiki Twiki - Twiki Twiki 4.0 Twiki Twiki 4.0.5 Twiki Twiki 4.1 Twiki Twiki 4.1.2 Twiki Twiki 4.2 Twiki Twiki 4.2.4 Twiki Twiki 4.3 Twiki Twiki 4.3.2 Twiki Twiki 5.0 Twiki Twiki 5.0.2 Twiki Twiki 5.1 Twiki Twiki 5.1.2	15
Application	Foswiki Foswiki Foswiki 1.0.0 Foswiki Foswiki 1.0.1 Foswiki Foswiki 1.0.2 Foswiki Foswiki 1.0.3 Foswiki Foswiki 1.0.4 Foswiki Foswiki 1.0.10 Foswiki Foswiki 1.1.0 Foswiki Foswiki 1.1.1 Foswiki Foswiki 1.1.2 Foswiki Foswiki 1.1.3 Foswiki Foswiki 1.1.4 Foswiki Foswiki 1.1.5 Foswiki Foswiki 1.1.6	13

Common Weakness Enumeration (CWE)

CWE-189 - Numeric Errors

D2sec

name	Foswiki 1.1.5 RCE
url	http://www.d2sec.com/exploits/foswiki_1.1.5_rce.html

Exploit-Db

description	Foswiki MAKETEXT Remote Command Execution. CVE-2012-6329,CVE-2012-6330. Remote exploit for unix platform
id	EDB-ID:23580
last seen	2016-02-02
modified	2012-12-23
published	2012-12-23
reporter	metasploit
source	https://www.exploit-db.com/download/23580/
title	Foswiki MAKETEXT Remote Command Execution

Metasploit

description	This module exploits a vulnerability in the MAKETEXT Foswiki variable. By using a specially crafted MAKETEXT, a malicious user can execute shell commands since the input is passed to the Perl "eval" command without first being sanitized. The problem is caused by an underlying security issue in the CPAN:Locale::Maketext module. Only Foswiki sites that have user interface localization enabled (UserInterfaceInternationalisation variable set) are vulnerable. If USERNAME and PASSWORD aren't provided, anonymous access will be tried. Also, if the FoswikiPage option isn't provided, the module will try to create a random page on the SandBox space. The modules has been tested successfully on Foswiki 1.1.5 as distributed with the official Foswiki-1.1.5-vmware image.
id	MSF:EXPLOIT/UNIX/WEBAPP/FOSWIKI_MAKETEXT
last seen	2020-05-01
modified	2018-08-20
published	2012-12-21
references	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6329 http://foswiki.org/Support/SecurityAlert-CVE-2012-6330
reporter	Rapid7
source	https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/unix/webapp/foswiki_maketext.rb
title	Foswiki MAKETEXT Remote Command Execution

Nessus

NASL family	CGI abuses
NASL id	TWIKI_5_1_3.NASL
description	According to its version number, the instance of TWiki running on the remote host is affected by multiple security vulnerabilities : - The
last seen	2020-06-01
modified	2020-06-02
plugin id	63399
published	2013-01-07
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/63399
title	TWiki < 5.1.3 Multiple Vulnerabilities

Packetstorm

data source	https://packetstormsecurity.com/files/download/119055/foswiki_maketext.rb.txt
id	PACKETSTORM:119055
last seen	2016-12-05
published	2012-12-24
reporter	juan vazquez
source	https://packetstormsecurity.com/files/119055/Foswiki-MAKETEXT-Remote-Command-Execution.html
title	Foswiki MAKETEXT Remote Command Execution

Seebug

bulletinFamily	exploit
description	No description provided by source.
id	SSV:77334
last seen	2017-11-19
modified	2014-07-01
published	2014-07-01
reporter	Root
source	https://www.seebug.org/vuldb/ssvid-77334
title	Foswiki MAKETEXT Remote Command Execution

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

D2sec

Exploit-Db

Metasploit

Nessus

Packetstorm

Seebug

References