Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2010 Greenbone AGOPENVAS:1361412562310100451
HistoryJan 18, 2010 - 12:00 a.m.

DokuWiki < 2009-12-25b Multiple Vulnerabilities

2010-01-1800:00:00
Copyright (C) 2010 Greenbone AG
plugins.openvas.org
29

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0.006

Percentile

78.5%

JSON

DokuWiki is prone to an information disclosure vulnerability and
to multiple security bypass vulnerabilities.

# SPDX-FileCopyrightText: 2010 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:dokuwiki:dokuwiki";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.100451");
  script_version("2023-07-28T16:09:07+0000");
  script_cve_id("CVE-2010-0287");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_tag(name:"last_modification", value:"2023-07-28 16:09:07 +0000 (Fri, 28 Jul 2023)");
  script_tag(name:"creation_date", value:"2010-01-18 11:34:48 +0100 (Mon, 18 Jan 2010)");
  script_name("DokuWiki < 2009-12-25b Multiple Vulnerabilities");
  script_category(ACT_GATHER_INFO);
  script_family("Web application abuses");
  script_copyright("Copyright (C) 2010 Greenbone AG");
  script_dependencies("gb_dokuwiki_detect.nasl");
  script_mandatory_keys("dokuwiki/installed");

  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/37821");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/37820");

  script_tag(name:"summary", value:"DokuWiki is prone to an information disclosure vulnerability and
  to multiple security bypass vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"impact", value:"Exploiting these issues may allow attackers to determine whether
  certain files reside on the affected computer. Information obtained may lead to further attacks.
  Unauthenticated attackers can leverage these issues to change or delete wiki permissions.");

  script_tag(name:"affected", value:"These issues affect DokuWiki version 2009-12-25. Other
  versions may be vulnerable as well.");

  script_tag(name:"solution", value:"Reports indicate that updates are available, but Symantec has
  not confirmed this information. Please see the references and contact the vendor for details.");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"remote_banner");

  exit(0);
}

include("version_func.inc");
include("host_details.inc");

if( ! port = get_app_port( cpe:CPE ) )
  exit( 0 );

if( ! vers = get_app_version( cpe:CPE, port:port ) )
  exit( 0 );

if( version_is_less( version:vers, test_version:"2009-12-25b" ) ) {
  report = report_fixed_ver( installed_version:vers, fixed_version:"2009-12-25b" );
  security_message( port:port, data:report );
  exit( 0 );
}

exit( 99 );

Related

prion 1
cve 1
debiancve 1
cvelist 1
ubuntucve 1
nvd 1
exploitdb 1
freebsd 1
securityvulns 2
nessus 5
openvas 8
debian 3
osv 1
gentoo 1
prion
prion
Directory traversal
2010-02-15 18:30:00
cve
cve
CVE-2010-0287
2010-02-15 18:30:00
debiancve
debiancve
CVE-2010-0287
2010-02-15 18:30:00
cvelist
cvelist
CVE-2010-0287
2010-02-15 18:00:00
ubuntucve
ubuntucve
CVE-2010-0287
2010-02-15 00:00:00
nvd
nvd
CVE-2010-0287
2010-02-15 18:30:00
exploitdb
exploitdb
dokuwiki 2009-12-25 - Multiple Vulnerabilities
2010-01-14 00:00:00
freebsd
freebsd
dokuwiki -- multiple vulnerabilities
2010-01-17 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA-1976-1] New dokuwiki packages fix several vulnerabilities
2010-01-23 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2010-01-23 00:00:00
nessus
nessus
FreeBSD : dokuwiki -- multiple vulnerabilities (848539dc-0458-11df-8dd7-002170daae37)
2010-01-19 00:00:00
Fedora 11 : dokuwiki-0-0.4.20091225.c.fc11 (2010-0770)
2010-07-01 00:00:00
Debian DSA-1976-1 : dokuwiki - several vulnerabilities
2010-02-24 00:00:00
openvas
openvas
Fedora Update for dokuwiki FEDORA-2010-0770
2010-03-02 00:00:00
Fedora Update for dokuwiki FEDORA-2010-0770
2010-03-02 00:00:00
FreeBSD Ports: dokuwiki
2010-02-10 00:00:00
debian
debian
[Backports-security-announce] Security Update for dokuwiki
2010-02-04 19:59:59
[Backports-security-announce] Security Update for dokuwiki
2010-02-04 20:00:25
[SECURITY] [DSA-1976-1] New dokuwiki packages fix several vulnerabilities
2010-01-22 16:11:52
osv
osv
dokuwiki - several vulnerabilities
2010-01-22 00:00:00
gentoo
gentoo
DokuWiki: Multiple vulnerabilities
2013-01-09 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0.006

Percentile

78.5%

JSON
Related for OPENVAS:1361412562310100451
prion1cve1debiancve1cvelist1ubuntucve1nvd1exploitdb1freebsd1securityvulns2nessus5openvas8debian3osv1gentoo1