Didiwiki Local File Disclosure Vulnerability


Description   A vulnerability was reported in Didiwiki. A remote attacker can exploit it by requesting a specially crafted URL in order to read arbitrary files on the system with the privileges of the didiwiki process. The vulnerability stems from a lack of input validation on the "page" parameter of the "http://localhost:8000/api/page/get" endpoint: the page name is used to build a filesystem path, so a value containing "../" sequences escapes the wiki's page directory (directory traversal). A proof of concept is available.
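The flaw described above is the classic pattern of splicing an untrusted page name into a filesystem path. The following C program is an added illustration, not didiwiki's own code and not the upstream fix referenced below: it shows a naive path join that lets "../../etc/passwd" walk out of the wiki root, next to a hardened version that percent-decodes the query value first (the traversal arrives on the wire as "..%2F..%2F") and then enforces an allow-list on the decoded page name. The function names, the wiki root "/var/lib/didiwiki" and the 64-character limit are assumptions chosen for the example.

```c
/* Added example (not didiwiki code): page-name validation against path traversal. */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Percent-decode a query-string value into out (capacity outlen).
 * Returns 0 on success, -1 on a malformed escape or if the output would overflow.
 * Validation must run on the DECODED value: "..%2F.." is harmless as text but
 * becomes "../.." once decoded. */
static int url_decode(const char *in, char *out, size_t outlen) {
    size_t o = 0;
    for (size_t i = 0; in[i] != '\0'; i++) {
        if (o + 1 >= outlen) return -1;
        if (in[i] == '%') {
            if (!isxdigit((unsigned char)in[i + 1]) ||
                !isxdigit((unsigned char)in[i + 2])) return -1;
            char hex[3] = { in[i + 1], in[i + 2], '\0' };
            out[o++] = (char)strtol(hex, NULL, 16);
            i += 2;                      /* skip the two hex digits */
        } else if (in[i] == '+') {
            out[o++] = ' ';
        } else {
            out[o++] = in[i];
        }
    }
    out[o] = '\0';
    return 0;
}

/* Plain "<root>/<name>" join. On its own this is the vulnerable pattern:
 * nothing stops name from being "../../etc/passwd". Returns -1 on truncation. */
static int join_page_path(const char *root, const char *name, char *out, size_t outlen) {
    int n = snprintf(out, outlen, "%s/%s", root, name);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Allow-list check: a page name must be a single path component made only of
 * [A-Za-z0-9_-], non-empty and at most 64 bytes (assumed limit). Because '/',
 * '\\' and '.' are all excluded, neither "../x", absolute paths nor hidden
 * files can pass; the length cap also bounds what ends up in the path buffer. */
static int page_name_is_safe(const char *name) {
    size_t len = strlen(name);
    if (len == 0 || len > 64) return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)name[i];
        if (!(isalnum(c) || c == '_' || c == '-')) return 0;
    }
    return 1;
}

/* Hardened builder: decode, validate, then join. Returns -1 when the page
 * name is rejected, so the caller never opens a file outside root. */
static int safe_page_path(const char *root, const char *encoded_name,
                          char *out, size_t outlen) {
    char name[256];
    if (url_decode(encoded_name, name, sizeof name) != 0) return -1;
    if (!page_name_is_safe(name)) return -1;
    return join_page_path(root, name, out, outlen);
}

int main(void) {
    /* Constructed inputs: an assumed wiki root and a traversal payload as it
     * would appear in a "?page=" query value. */
    const char *root = "/var/lib/didiwiki";
    char path[512];

    join_page_path(root, "../../etc/passwd", path, sizeof path);
    printf("naive join:   %s\n", path);   /* escapes the wiki root */

    if (safe_page_path(root, "..%2F..%2Fetc%2Fpasswd", path, sizeof path) != 0)
        printf("hardened:     rejected ..%%2F..%%2Fetc%%2Fpasswd\n");

    if (safe_page_path(root, "WikiHome", path, sizeof path) == 0)
        printf("hardened:     %s\n", path);
    return 0;
}
```

The validator deliberately rejects '.' altogether rather than trying to filter ".." sequences, since partial filters (strip one "../", forget "..\\" or "....//") are where traversal fixes usually fail; the IPS alarms listed further down match exactly those variants.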
     
Vulnerable Products   Vulnerable OS:
GNU/Linux (Debian) - 6, 7, 8
     
Solution   The first fix shipped in DSA 3485-1 introduced a regression; corrected didiwiki packages for Debian 7 (Wheezy) and Debian 8 (Jessie) are available via DSA 3485-2. Debian 6 (Squeeze) LTS is covered by DLA 424-1.
     
CVE   CVE-2013-7448
     
References   - Didiwiki : page_name_is_good function #1
https://github.com/OpenedHand/didiwiki/pull/1/files
- DSA 3485-1 : didiwiki security update
https://lists.debian.org/debian-security-announce/2016/msg00055.html
- DLA 424-1 : didiwiki security update
https://lists.debian.org/debian-lts-announce/2016/02/msg00015.html
- DSA 3485-2 : didiwiki security update
https://lists.debian.org/debian-security-announce/2016/msg00122.html
     
Vulnerability Manager Detection   No
     
IPS Protection
ASQ Engine alarm   Available Since
Misc : Directory traversal - parameter starting with ../   3.2.0
Directory traversal using ..\..   3.2.0
Directory traversal   3.2.0
Directory traversal backward root folder   3.2.0
     
Risk level   Moderate

Vulnerability First Public Report Date   2016-02-20

Target Type   Server

Possible exploit   Remote