Signature Detail

HTTP: TWiki VIEW Command Execution

This signature detects attempts to exploit a known vulnerability against shell metacharacters in a TWIki URL. TWiki 20030201 and earlier versions do not properly sanitize URL requests. Malicious users can execute arbitrary shell commands at the same privilege level as the Web server.

Extended Description

TWiki is reported prone to a shell metacharacter remote command execution vulnerability. This issue may allow an attacker gain unauthorized access to a vulnerable computer by executing arbitrary commands. TWiki 20030201 is reported vulnerable to this issue, however, it is likely that other versions are affected as well.

Affected Products

• Conectiva Linux 10.0.0
• Gentoo Linux
• TWiki 01-Dec-2000
• TWiki 01-Dec-2001
• TWiki 01-Feb-2003
• TWiki 20030201
• TWiki 20040901

References

• BugTraq: 11674
• CVE: CVE-2004-1037
• URL: http://twiki.org/cgi-bin/view/Codev/TWikiSecurityAlerts
• URL: http://www.ciac.org/ciac/bulletins/p-039.shtml