Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2559

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-2559
Last Modified 10 Sep 2008 03:34:04
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2559

Summary

DokuWiki before 2004-10-19 allows remote attackers to access administrative functionality including (1) Mediaselectiondialog, (2) Recent changes, (3) feed, and (4) search, possibly due to the lack of ACL checks.

Vulnerable Systems

Application

  • Andreas Gohr Dokuwiki Release 2004-07-04

  • Andreas Gohr Dokuwiki Release 2004-07-07

  • Andreas Gohr Dokuwiki Release 2004-07-12

  • Andreas Gohr Dokuwiki Release 2004-07-21

  • Andreas Gohr Dokuwiki Release 2004-07-25

  • Andreas Gohr Dokuwiki Release 2004-08-08

  • Andreas Gohr Dokuwiki Release 2004-08-15a

  • Andreas Gohr Dokuwiki Release 2004-08-22

  • Andreas Gohr Dokuwiki Release 2004-09-12

  • Andreas Gohr Dokuwiki Release 2004-09-25

  • Andreas Gohr Dokuwiki Release 2004-09-30


References

SECTRACK - 1011802

XF - dokuwiki-acl-gain-access(17799)

OSVDB - 11005

CONFIRM - http://wiki.splitbrain.org/wiki:old_changes


Last Updated: 27 May 2016 10:39:32