Intrusion Prevention

TWiki.Search.Shell.Command.Execution

Description

This indicates an attack attempt against a command execution vulnerability in TWiki.
The vulnerability is caused by an error when the vulnerable software handles a malicious HTTP request. It allows a remote attacker to execute arbitrary command via sending a crafted web page.

Affected Products

TWiki before 4.2.4

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Update to latest version 4.2.4.

CVE References

CVE-2008-5305