TikiWiki, eGroupWare: Arbitrary command execution through XML-RPC

TikiWiki, eGroupWare: Arbitrary command execution through XML-RPC TikiWiki and eGroupWare both include PHP XML-RPC code vulnerable to arbitrary command execution. tikiwiki egroupware 2005-08-24 2005-08-24 102374 102377 remote 1.8.5-r2 1.8.5-r2 1.0.0.009 1.0.0.009

TikiWiki is a full featured Free Software Wiki, CMS and Groupware written in PHP. eGroupWare is a web-based collaboration software suite. Both TikiWiki and eGroupWare include a PHP library to handle XML-RPC requests.

The XML-RPC library shipped in TikiWiki and eGroupWare improperly handles XML-RPC requests and responses with malformed nested tags.

A remote attacker could exploit this vulnerability to inject arbitrary PHP script code into eval() statements by sending a specially crafted XML document to TikiWiki or eGroupWare.

There is no known workaround at this time.

All TikiWiki users should upgrade to the latest version:


    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/tikiwiki-1.8.5-r2"

All eGroupWare users should upgrade to the latest version:


    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/egroupware-1.0.0.009"

CAN-2005-2498 DerCorny adir koon