Intrusion Prevention



It indicates a possible exploit of shell command injection vulnerability in TWiki.
The revision control function of the TWikiUsers script uses the backtick shell metacharacter to construct a command line. An attacker may use a specially crafted URI to execute arbitrary commands through the shell.

Affected Products

TWiki TWiki 20040902
TWiki TWiki 20040901
TWiki TWiki 20030201
TWiki TWiki 01-Dec-2001


Execute arbitrary code

Recommended Actions

Apply the latest patch available from the TWiki Web site.

CVE References