ID CVE-2004-1037
Summary The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string.
References
Vulnerable Configurations
  • cpe:2.3:a:twiki:twiki:2003-02-01
  • Gentoo Linux
    cpe:2.3:o:gentoo:linux
CVSS
Base: 10.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
Vector Complexity Authentication
NETWORK LOW NONE
Impact
Confidentiality Integrity Availability
COMPLETE COMPLETE COMPLETE
exploit-db via4
  • description TWiki 20030201 search.pm Remote Command Execution Exploit. CVE-2004-1037. Webapps exploit for cgi platform
    id EDB-ID:642
    last seen 2016-01-31
    modified 2004-11-20
    published 2004-11-20
    reporter RoMaNSoFt
    source https://www.exploit-db.com/download/642/
    title TWiki 20030201 - search.pm Remote Command Execution Exploit
  • description TWiki Search Function Arbitrary Command Execution. CVE-2004-1037. Webapps exploit for php platform
    id EDB-ID:16894
    last seen 2016-02-02
    modified 2010-07-03
    published 2010-07-03
    reporter metasploit
    source https://www.exploit-db.com/download/16894/
    title TWiki Search Function Arbitrary Command Execution
metasploit via4
description This module exploits a vulnerability in the search component of TWiki. By passing a 'search' parameter containing shell metacharacters to the 'WebSearch' script, an attacker can execute arbitrary OS commands.
id MSF:EXPLOIT/UNIX/WEBAPP/TWIKI_SEARCH
last seen 2019-03-07
modified 2017-07-24
published 2010-02-21
reliability Excellent
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/twiki_search.rb
title TWiki Search Function Arbitrary Command Execution
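The Metasploit description above names the injection point: the 'search' parameter of the 'WebSearch' script, carrying shell metacharacters. The following is an added example written for this page (not Metasploit's module and not TWiki code) that flags web-server log lines whose WebSearch request has such a value. The log lines, the URL path of the TWiki install, and the metacharacter set are constructed assumptions.

```perl
#!/usr/bin/perl
# Added example, not from the page or Metasploit: flag access-log lines whose
# WebSearch request carries a 'search' parameter containing shell metacharacters.
use strict;
use warnings;

# Constructed Apache common-log style lines; the /cgi-bin/view path is an
# assumption about a TWiki installation, not copied from any real log.
my @lines = (
    '10.0.0.5 - - [12/Nov/2004:10:01:02 +0000] "GET /cgi-bin/view/Main/WebSearch?search=TWikiUsers&scope=text HTTP/1.0" 200 5120',
    '10.0.0.9 - - [12/Nov/2004:10:02:17 +0000] "GET /cgi-bin/view/Main/WebSearch?search=x%27%3Bid%3B%27&scope=text HTTP/1.0" 200 804',
    '10.0.0.9 - - [12/Nov/2004:10:03:40 +0000] "POST /cgi-bin/view/Main/WebSearch HTTP/1.0" 200 804',
);

# Minimal URL decoding: '+' to space, then %XX escapes.
sub url_decode {
    my ($s) = @_;
    $s =~ tr/+/ /;
    $s =~ s/%([0-9A-Fa-f]{2})/chr(hex($1))/ge;
    return $s;
}

# Characters that let a value break out of a quoted argument or chain
# commands in /bin/sh (the shell the Perl backtick operator hands the line to).
my $shell_meta = qr/[;&|`\$()<>'"\\\n]/;

# Returns one hashref per GET request to a WebSearch path whose decoded
# 'search' value contains a shell metacharacter.
sub suspicious_search_values {
    my (@log) = @_;
    my @hits;
    for my $line (@log) {
        # Only GET requests expose the parameter in the log; POST bodies are not logged here.
        next unless $line =~ m{"GET\s+(\S*/WebSearch)\?([^\s"]*)};
        my ($path, $query) = ($1, $2);
        for my $pair (split /&/, $query) {
            my ($k, $v) = split /=/, $pair, 2;
            next unless defined $k && $k eq 'search';
            my $decoded = url_decode($v // '');
            push @hits, { path => $path, search => $decoded }
                if $decoded =~ $shell_meta;
        }
    }
    return @hits;
}

for my $h (suspicious_search_values(@lines)) {
    print "suspicious WebSearch request to $h->{path}: search=[$h->{search}]\n";
}
```

Run against the constructed lines, only the second request is reported (its search value decodes to `x';id;'`). The third line shows the limitation of this check: a POST to WebSearch carries the parameter in the body, which a standard access log does not record, so request-body logging or an inline filter is needed to see those.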
nessus via4
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_TWIKI_20040902.NASL
    description The following package needs to be updated: twiki
    last seen 2016-09-26
    modified 2011-10-03
    plugin id 15815
    published 2004-11-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15815
    title FreeBSD : twiki -- arbitrary shell command execution (196)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_B4AF3EDE36E911D9A9E70001020EED82.NASL
description Hans Ulrich Niedermann reports: The TWiki search function uses a user-supplied search string to compose a command line executed by the Perl backtick (``) operator. The search string is not checked properly for shell metacharacters and is thus vulnerable to a search string containing quotes and shell commands. IMPACT: An attacker is able to execute arbitrary shell commands with the privileges of the TWiki process.
    last seen 2019-02-21
    modified 2018-11-23
    plugin id 36281
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36281
    title FreeBSD : twiki -- arbitrary shell command execution (b4af3ede-36e9-11d9-a9e7-0001020eed82)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200411-33.NASL
description The remote host is affected by the vulnerability described in GLSA-200411-33 (TWiki: Arbitrary command execution) The TWiki search function, which uses a shell command executed via the Perl backtick operator, does not properly escape shell metacharacters in the user-provided search string. Impact: An attacker can insert malicious commands into a search request, allowing the execution of arbitrary commands with the privileges of the user running TWiki (usually the Web server user). Workaround: There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 15827
    published 2004-11-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15827
    title GLSA-200411-33 : TWiki: Arbitrary command execution
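Both the FreeBSD and the Gentoo entries above describe the same mechanism: a user-supplied search string is interpolated into a shell command line that the Perl backtick operator hands to /bin/sh. The block below is an added example written for this page, not TWiki's search code, showing that pattern next to the fix that removes the shell from the path. The grep command line, the sample topic files and the payload are constructed assumptions; TWiki's real command line differed in its details.

```perl
#!/usr/bin/perl
# Added example (not TWiki's own code): the backtick-interpolation pattern behind
# CVE-2004-1037 beside a list-form replacement that never invokes a shell.
use strict;
use warnings;
use File::Temp qw(tempdir);

# Constructed sample "topic" files in a throwaway directory.
my $dir = tempdir(CLEANUP => 1);
for my $name (qw(WebHome WebSearch)) {
    open(my $fh, '>', "$dir/$name.txt") or die "$dir/$name.txt: $!";
    print $fh "Some topic text mentioning search\n";
    close($fh);
}

# A grep that loses its file arguments would otherwise block reading the terminal.
open(STDIN, '<', '/dev/null') or die "stdin: $!";

# Vulnerable pattern, as the advisories describe it: the search string is
# interpolated into a single-quoted shell argument and the whole line is run by
# the backtick operator, so a quote in $search ends the argument and whatever
# follows is parsed by /bin/sh as further commands.
sub vulnerable_search {
    my ($search) = @_;
    my $cmd = "grep -l -i -- '$search' $dir/*.txt 2>/dev/null";
    my $out = `$cmd`;
    return ($cmd, $out // '');
}

# Hardened form: the list form of open('-|') passes each element as its own
# argv entry and does not start a shell, so metacharacters in $search reach
# grep only as literal pattern text.
sub safe_search {
    my ($search) = @_;
    opendir(my $dh, $dir) or die "$dir: $!";
    my @files = sort map { "$dir/$_" } grep { /\.txt$/ } readdir($dh);
    closedir($dh);
    my @argv = ('grep', '-l', '-i', '--', $search, @files);
    open(my $out, '-|', @argv) or die "grep: $!";
    my @hits = <$out>;
    close($out);    # exit status 1 (no match) is expected here
    return (join(' ', @argv), @hits);
}

# Constructed payload: close the quoted pattern, give grep /dev/null so it does
# not wait on stdin, run an attacker-chosen command, reopen the quote so the
# rest of the original line still parses.
my $payload = "x' /dev/null; id; echo 'y";

my ($vcmd, $vout) = vulnerable_search($payload);
print "vulnerable shell line: $vcmd\n";
print "vulnerable output (note the uid= line from 'id'):\n$vout\n";

my ($sargv, @shits) = safe_search($payload);
print "safe argv: $sargv\n";
print "safe output (no match; payload treated as a literal pattern):\n", @shits, "\n";
```

The point of the hardened form is not escaping but elimination: once no shell is involved there is nothing to escape for, and the same list form works for `system` and `exec`. If a shell really is required, the search string must be validated against an allow-list of pattern characters before interpolation, which is the check the vulnerable code lacked.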
packetstorm via4
data source https://packetstormsecurity.com/files/download/86541/twiki_search.rb.txt
id PACKETSTORM:86541
last seen 2016-12-05
published 2010-02-23
reporter metasploit.com
source https://packetstormsecurity.com/files/86541/TWiki-Search-Function-Arbitrary-Command-Execution.html
title TWiki Search Function Arbitrary Command Execution
refmap via4
bid 11674
bugtraq 20041112 TWiki search function allows arbitrary shell command execution
ciac P-039
conectiva CLA-2005:918
confirm http://twiki.org/cgi-bin/view/Codev/SecurityAlertExecuteCommandsWithSearch
fulldisc 20041116 Re: [Full-Disclosure] TWiki search function allows arbitrary shell command execution
gentoo GLSA-200411-33
xf twik-search-command-execution(18062)
saint via4
bid 11674
description TWiki Search.pm shell command injection
id web_prog_cgi_twikisearch
osvdb 11714
title twiki_search
type remote
Last major update 17-10-2016 - 22:50
Published 01-03-2005 - 00:00
Last modified 10-07-2017 - 21:30