Bug#430691: hiki: [security] vulnerability that arbitrary files would be deleted

Hideki Yamane (Debian-JP) Tue, 26 Jun 2007 10:07:47 -0700

Package: hiki
Severity: critical
Tags: security
Justification: causes serious data loss


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear hiki maintainer,

 Kazuhiro Nishiyama found a vulnerability in hiki that remote attacker 
 can delete arbitrary files by Hiki user's privilege, probably www-data 
 user's one. 

 Hiki 0.8.0 - 0.8.6 is affected, it means that stable, testing and unstable
 pacakges in Debian are affected. Please update hiki package.

 For more detail, see http://hikiwiki.org/en/advisory20070624.html
 

- -- 
Regards,

 Hideki Yamane

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGgT1nIu0hy8THJksRAt0fAKCytE2I88MtbMlCoPV6nsvjo4HViwCeJv1T
/K3M8IjjDMc8fYGfz1hOQXU=
=hNrX
-----END PGP SIGNATURE-----


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#430691: hiki: [security] vulnerability that arbitrary files would be deleted

Reply via email to