Lucene search
RedhatCVELIST:CVE-2011-1766HistoryMay 23, 2011 - 10:00 p.m.
CVE-2011-1766
2011-05-2322:00:00
redhat
www.cve.org
2
includes/User.php in MediaWiki before 1.16.5, when wgBlockDisablesLogin is enabled, does not clear certain cached data after verification of an auth token fails, which allows remote attackers to bypass authentication by creating crafted wikiUserID and wikiUserName cookies, or by leveraging an unattended workstation.
References
lists.fedoraproject.org/pipermail/package-announce/2011-May/060435.html
lists.fedoraproject.org/pipermail/package-announce/2011-May/060496.html
lists.fedoraproject.org/pipermail/package-announce/2011-May/060507.html
lists.wikimedia.org/pipermail/mediawiki-announce/2011-May/000098.html
secunia.com/advisories/44684
www.securityfocus.com/bid/47722
bugzilla.redhat.com/show_bug.cgi?id=702512
bugzilla.wikimedia.org/show_bug.cgi?id=28639
Related
prion
prion
Authentication flaw
2011-05-23 22:55:00
nvd
nvd
CVE-2011-1766
2011-05-23 22:55:01
ubuntucve
ubuntucve
CVE-2011-1766
2011-05-23 00:00:00
cve
cve
CVE-2011-1766
2011-05-23 22:55:01
debiancve
debiancve
CVE-2011-1766
2011-05-23 22:55:01
openvas
openvas
Fedora Update for mediawiki FEDORA-2011-6774
2011-05-23 00:00:00
Fedora Update for mediawiki FEDORA-2011-6774
2011-05-23 00:00:00
Fedora Update for mediawiki FEDORA-2011-6775
2011-05-23 00:00:00
nessus
nessus
Fedora 14 : mediawiki-1.16.5-59.fc14 (2011-6774)
2011-05-23 00:00:00
Fedora 15 : mediawiki-1.16.5-59.fc15 (2011-6781)
2011-05-19 00:00:00
Fedora 13 : mediawiki-1.16.5-59.fc13 (2011-6775)
2011-05-23 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: mediawiki-1.16.5-59.fc14
2011-05-20 20:55:43
[SECURITY] Fedora 15 Update: mediawiki-1.16.5-59.fc15
2011-05-19 05:09:45
[SECURITY] Fedora 13 Update: mediawiki-1.16.5-59.fc13
2011-05-20 20:58:01
gentoo
gentoo
MediaWiki: Multiple vulnerabilities
2012-06-21 00:00:00