Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2017 Greenbone AGOPENVAS:1361412562310106884
HistoryJun 20, 2017 - 12:00 a.m.

MediaWiki Multiple Vulnerabilities (Apr 2017) - Windows

2017-06-2000:00:00
Copyright (C) 2017 Greenbone AG
plugins.openvas.org
16

6.1 Medium

AI Score

Confidence

High

0.886 High

EPSS

Percentile

98.7%

JSON

MediaWiki is prone to multiple vulnerabilities.

# SPDX-FileCopyrightText: 2017 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = 'cpe:/a:mediawiki:mediawiki';

if (description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.106884");
  script_version("2024-02-08T14:36:53+0000");
  script_tag(name:"last_modification", value:"2024-02-08 14:36:53 +0000 (Thu, 08 Feb 2024)");
  script_tag(name:"creation_date", value:"2017-06-20 10:54:15 +0700 (Tue, 20 Jun 2017)");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2018-05-17 15:25:00 +0000 (Thu, 17 May 2018)");

  script_tag(name:"qod_type", value:"remote_banner");

  script_cve_id("CVE-2017-0361", "CVE-2017-0362", "CVE-2017-0363", "CVE-2017-0364", "CVE-2017-0365",
"CVE-2017-0366", "CVE-2017-0367", "CVE-2017-0368", "CVE-2017-0369", "CVE-2017-0370", "CVE-2017-0372");

  script_tag(name:"solution_type", value:"VendorFix");

  script_name("MediaWiki Multiple Vulnerabilities (Apr 2017) - Windows");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2017 Greenbone AG");
  script_family("Web application abuses");
  script_dependencies("secpod_mediawiki_detect.nasl", "os_detection.nasl");
  script_mandatory_keys("mediawiki/installed", "Host/runs_windows");

  script_tag(name:"summary", value:"MediaWiki is prone to multiple vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"MediaWiki is prone to multiple vulnerabilities:

  - API parameters may now be marked as 'sensitive' to keep their values out of the logs (CVE-2017-0361)

  - 'Mark all pages visited' on the watchlist now requires a CSRF token (CVE-2017-0362)

  - Special:UserLogin and Special:Search allow redirect to interwiki links. (CVE-2017-0363, CVE-2017-0364)

  - XSS in SearchHighlighter::highlightText() when $wgAdvancedSearchHighlighting is true (CVE-2017-0365)

  - SVG filter evasion using default attribute values in DTD declaration (CVE-2017-0366)

  - LocalisationCache will no longer use the temporary directory in its fallback chain when trying to work out
where to write the cache (CVE-2017-0367)

  - Escape content model/format url parameter in message (CVE-2017-0368)

  - Sysops can undelete pages, although the page is protected against it (CVE-2017-0369)

  - Spam blacklist ineffective on encoded URLs inside file inclusion syntax's link parameter (CVE-2017-0370)

  - Parameters injection in SyntaxHighlight results in multiple vulnerabilities (CVE-2017-0372)");

  script_tag(name:"solution", value:"Upgrade to version 1.23.16, 1.27.3, 1.28.2 or later.");

  script_xref(name:"URL", value:"https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html");
  script_xref(name:"URL", value:"https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000209.html");

  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if (!port = get_app_port(cpe: CPE))
  exit(0);

if (!version = get_app_version(cpe: CPE, port: port))
  exit(0);

if (version_is_less(version: version, test_version: "1.23.16")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "1.23.16");
  security_message(port: port, data: report);
  exit(0);
}

if (version_in_range(version: version, test_version: "1.26.0", test_version2: "1.27.2")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "1.27.3");
  security_message(port: port, data: report);
  exit(0);
}

if (version_in_range(version: version, test_version: "1.28.0", test_version2: "1.28.1")) {
  report = report_fixed_ver(installed_version: version, fixed_version: "1.28.2");
  security_message(port: port, data: report);
  exit(0);
}

exit(0);

Related

archlinux 2
openvas 4
nessus 4
fedora 2
mageia 1
osv 11
cvelist 11
prion 11
cve 11
debiancve 11
redhatcve 5
ubuntucve 11
veracode 1
packetstorm 2
checkpoint_advisories 1
zdt 1
rapid7community 1
freebsd 1
archlinux
archlinux
[ASA-201704-3] mediawiki: multiple issues
2017-04-07 00:00:00
[ASA-201711-20] mediawiki: multiple issues
2017-11-15 00:00:00
openvas
openvas
Fedora Update for mediawiki FEDORA-2017-3fb95ed01f
2017-04-16 00:00:00
MediaWiki Multiple Vulnerabilities (Apr 2017) - Linux
2017-06-20 00:00:00
Mageia: Security Advisory (MGASA-2017-0110)
2022-01-28 00:00:00
nessus
nessus
Fedora 25 : mediawiki (2017-3fb95ed01f)
2017-04-17 00:00:00
MediaWiki 1.23.x < 1.23.16 / 1.27.x < 1.27.2 / 1.28.x < 1.28.1 Multiple Vulnerabilities
2017-04-10 00:00:00
Fedora 25 : mediawiki (2017-2643ef1cad)
2017-05-16 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: mediawiki-1.27.2-1.fc25
2017-04-15 23:52:26
[SECURITY] Fedora 25 Update: mediawiki-1.27.3-1.fc25
2017-05-12 12:06:30
mageia
mageia
Updated mediawiki packages fix security vulnerability
2017-04-16 09:29:12
osv
osv
CVE-2017-0369
2018-04-13 16:29:00
CVE-2017-0362
2018-04-13 16:29:00
CVE-2017-0364
2018-04-13 16:29:00
cvelist
cvelist
CVE-2017-0369 Sysops can undelete pages, although the page is protected against it
2017-04-06 00:00:00
CVE-2017-0362 "Mark all pages visited" on the watchlist does not require a CSRF token
2017-04-06 00:00:00
CVE-2017-0366 SVG filter evasion using default attribute values in DTD declaration
2017-04-06 00:00:00
prion
prion
Design/Logic Flaw
2018-04-13 16:29:00
Design/Logic Flaw
2018-04-13 16:29:00
Cross site request forgery (csrf)
2018-04-13 16:29:00
cve
cve
CVE-2017-0370
2018-04-13 16:29:00
CVE-2017-0372
2018-04-13 16:29:00
CVE-2017-0366
2018-04-13 16:29:00
debiancve
debiancve
CVE-2017-0370
2018-04-13 16:29:00
CVE-2017-0372
2018-04-13 16:29:00
CVE-2017-0362
2018-04-13 16:29:00
redhatcve
redhatcve
CVE-2017-0362
2018-04-19 23:19:22
CVE-2017-0366
2018-04-20 01:18:59
CVE-2017-0367
2018-04-20 01:19:10
ubuntucve
ubuntucve
CVE-2017-0362
2018-04-13 00:00:00
CVE-2017-0367
2018-04-13 00:00:00
CVE-2017-0369
2018-04-13 00:00:00
veracode
veracode
Insecure Cache Storage
2018-07-13 05:38:48
packetstorm
packetstorm
SyntaxHighlight 2.0 MediaWiki 1.28.0 Stored Cross Site Scripting
2017-04-29 00:00:00
MediaWiki SyntaxHighlight Extension Option Injection
2017-05-20 00:00:00
checkpoint_advisories
checkpoint_advisories
MediaWiki SyntaxHighlight Option Injection (CVE-2017-0372)
2017-07-25 00:00:00
zdt
zdt
SyntaxHighlight 2.0 MediaWiki 1.28.0 Stored Cross Site Scripting Vulnerability
2017-05-01 00:00:00
rapid7community
rapid7community
Metasploit Wrapup
2017-05-26 19:06:43
freebsd
freebsd
mediawiki -- multiple vulnerabilities
2017-11-14 00:00:00

6.1 Medium

AI Score

Confidence

High

0.886 High

EPSS

Percentile

98.7%

JSON
Related for OPENVAS:1361412562310106884
archlinux2openvas4nessus4fedora2mageia1osv11cvelist11prion11cve11debiancve11redhatcve5ubuntucve11veracode1packetstorm2checkpoint_advisories1zdt1rapid7community1freebsd1