DokuWiki Multiple Vulnerabilities Network Vulnerability

Summary

DokuWiki is prone to an information-disclosure vulnerability and to multiple security-bypass vulnerabilities. Exploiting this issues may allow attackers to determine whether certain files reside on the affected computer. Information obtained may lead to further attacks. Unauthenticated attackers can leverage these issues to change or delete wiki permissions. This issue affects DokuWiki 2009-12-25 other versions may be vulnerable as well.

Solution

Reports indicate that updates are available, but Symantec has not confirmed this information. Please see the references and contact the vendor for details.

References

http://www.dokuwiki.org/
http://www.securityfocus.com/bid/37820
http://www.securityfocus.com/bid/37821

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0287
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
Adobe ColdFusion Multiple Full Path Disclosure Vulnerabilities
APC PowerChute Network Shutdown 'security/applet' Cross Site Scripting Vulnerability
Adobe BlazeDS XML and XML External Entity Injection Vulnerabilities
AbanteCart Multiple Cross-Site Scripting Vulnerabilities

Take action and discover your vulnerabilities