[Secure-testing-team] Bug#844732: dokuwiki: CVE-2016-7965
Salvatore Bonaccorso
carnil at debian.org
Fri Nov 18 14:02:05 UTC 2016
Source: dokuwiki
Version: 0.0.20160626.a-1
Severity: normal
Tags: security upstream
Forwarded: https://github.com/splitbrain/dokuwiki/issues/1709
Hi,
the following vulnerability was published for dokuwiki. TTBOMK, it
looks like upstream does not plan to address this/plan to mark it as
wontfix.
CVE-2016-7965[0]:
| DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the
| baseurl setting as part of the password-reset URL. This can lead to
| phishing attacks. (A remote unauthenticated attacker can change the
| URL's hostname via the HTTP Host header.) The vulnerability can be
| triggered only if the Host header is not part of the web server routing
| process (e.g., if several domains are served by the same web server).
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-7965
[1] https://github.com/splitbrain/dokuwiki/issues/1709
Regards,
Salvatore
More information about the Secure-testing-team
mailing list