Updated dokuwiki packages fix security vulnerabilities
Publication date: 31 Oct 2014Modification date: 31 Oct 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-8761 , CVE-2014-8762 , CVE-2014-8763 , CVE-2014-8764
Description
inc/template.php in DokuWiki before 2014-05-05a only checks for access to the
root namespace, which allows remote attackers to access arbitrary images via a
media file details ajax call (CVE-2014-8761).
The ajax_mediadiff function in DokuWiki before 2014-05-05a allows remote
attackers to access arbitrary images via a crafted namespace in the ns
parameter (CVE-2014-8762).
DokuWiki before 2014-05-05b, when using Active Directory for LDAP
authentication, allows remote attackers to bypass authentication via a
password starting with a null (\0) character and a valid user name, which
triggers an unauthenticated bind (CVE-2014-8763).
DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP
authentication, allows remote attackers to bypass authentication via a user
name and password starting with a null (\0) character, which triggers an
anonymous bind (CVE-2014-8764).
References
- https://bugs.mageia.org/show_bug.cgi?id=14252
- https://www.dokuwiki.org/changes#release_2014-09-29_hrun
- http://www.freelists.org/post/dokuwiki/Fwd-Dokuwiki-maybe-security-issue-Null-byte-poisoning-in-LDAP-authentication
- http://openwall.com/lists/oss-security/2014/10/16/9
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8761
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8762
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8763
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8764
SRPMS
3/core
- dokuwiki-20140929-1.1.mga3
4/core
- dokuwiki-20140929-1.1.mga4