First Last Prev Next    This bug is not in your last search results.
Bug 1016606 - (CVE-2016-10026) VUL-0: CVE-2016-10026: ikiwiki: authorization bypass when reverting changes
(CVE-2016-10026)
VUL-0: CVE-2016-10026: ikiwiki: authorization bypass when reverting changes
Status: RESOLVED WORKSFORME
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 42.2
Other Other
: P3 - Medium : Normal (vote)
: ---
Assigned To: Milan Vančura
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-12-20 22:13 UTC by Mikhail Kasimov
Modified: 2017-01-12 08:18 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mikhail Kasimov 2016-12-20 22:13:30 UTC 
Ref: http://seclists.org/oss-sec/2016/q4/717
=================================================
Reference: http://ikiwiki.info/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed/
Vulnerable versions: < 3.20161219
Fixed versions: >= 3.20161219
Fix: http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=9cada49ed6ad24556dbe9861ad5b0a9f526167f9

ikiwiki is a static site generator with some dynamic features,
used for wikis, blogs and other websites.

intrigeri discovered that on sites with the git and recentchanges
plugins and the CGI interface enabled, the revert links on the
RecentChanges page could revert changes on a page the logged-in user
cannot legitimately edit, if the change being reverted was made before
the page was renamed from a location that the logged-in user *could*
legitimately edit.

Please allocate a CVE ID for this vulnerability.

Thanks,
    S
=================================================

Don't know about this report, because, due to https://software.opensuse.org/package/ikiwiki , this package is not in official (open-)SUSE repos...
Comment 1 Swamp Workflow Management 2016-12-20 23:04:56 UTC 
bugbot adjusting priority
Comment 2 Marcus Meissner 2016-12-21 07:44:19 UTC 
we are not shipping it, it might just be deployed in some places.
Comment 3 Leonardo Chiquitto 2016-12-21 18:31:48 UTC 
Our internal Ikiwiki instance is maintained by the L3 Team.
Comment 4 Andreas Stieger 2017-01-12 08:18:09 UTC 
Not in the distribution, closing.
First Last Prev Next    This bug is not in your last search results.