Login CSRF issue in MediaWiki before 1.22.5 in Special:ChangePassword,
whereby a user can be logged into an attackers account without being
aware of it, allowing the attacker to track the user's activity
(CVE-2014-2665).
XSS vulnerability in MediaWiki before 1.22.6, where if the default
sort key is set to a string containing a script, the script will be
executed when the page is viewed using the info action.
MediaWiki has been updated to version 1.22.6, fixing this and other
issues.
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
{"id": "SECURITYVULNS:DOC:30711", "bulletinFamily": "software", "title": "[ MDVSA-2014:083 ] mediawiki", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2014:083\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : mediawiki\r\n Date : May 8, 2014\r\n Affected: Business Server 1.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Updated mediawiki packages fix security vulnerabilities:\r\n \r\n Login CSRF issue in MediaWiki before 1.22.5 in Special:ChangePassword,\r\n whereby a user can be logged into an attackers account without being\r\n aware of it, allowing the attacker to track the user's activity\r\n (CVE-2014-2665).\r\n \r\n XSS vulnerability in MediaWiki before 1.22.6, where if the default\r\n sort key is set to a string containing a script, the script will be\r\n executed when the page is viewed using the info action.\r\n \r\n MediaWiki has been updated to version 1.22.6, fixing this and other\r\n issues.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665\r\n http://advisories.mageia.org/MGASA-2014-0157.html\r\n http://advisories.mageia.org/MGASA-2014-0197.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n 292fb98c951c1b2111ad9fe0bb26a6d2 mbs1/x86_64/mediawiki-1.22.6-1.mbs1.noarch.rpm\r\n 7b12b37abd00c4f4e9cf3987d1305ffb mbs1/x86_64/mediawiki-mysql-1.22.6-1.mbs1.noarch.rpm\r\n 2d7eb5e3fba48833afa4ab7c6d7c7f52 mbs1/x86_64/mediawiki-pgsql-1.22.6-1.mbs1.noarch.rpm\r\n 854f21c25837fbabf6e44353606e5ba3 mbs1/x86_64/mediawiki-sqlite-1.22.6-1.mbs1.noarch.rpm \r\n 16c61971b495a75a2fbb85c3a3685d76 mbs1/SRPMS/mediawiki-1.22.6-1.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFTa3MXmqjQ0CJFipgRAu+LAJ41wdyfhpLDje3r6vmrZDMAU9adhgCglgT3\r\npraVkE5/9aVQ94iAVTfJso4=\r\n=6R+/\r\n-----END PGP SIGNATURE-----\r\n\r\n", "published": "2014-05-10T00:00:00", "modified": "2014-05-10T00:00:00", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30711", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2014-2665"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:52", "edition": 1, "viewCount": 9, "enchantments": {"score": {"value": 6.1, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-2665"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2891-3:4C320"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-2665"]}, {"type": "fedora", "idList": ["FEDORA:380E022043", "FEDORA:A746520CC1"]}, {"type": "gentoo", "idList": ["GLSA-201502-04"]}, {"type": "nessus", "idList": ["8181.PRM", "DEBIAN_DSA-2891.NASL", "FEDORA_2014-4478.NASL", "FEDORA_2014-4511.NASL", "GENTOO_GLSA-201502-04.NASL", "MANDRIVA_MDVSA-2014-083.NASL", "MEDIAWIKI_1_19_14.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310121343", "OPENVAS:1361412562310702891", "OPENVAS:1361412562310867675", "OPENVAS:1361412562310867678", "OPENVAS:702891", "OPENVAS:867675", "OPENVAS:867678"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13764"]}, {"type": "seebug", "idList": ["SSV:62081"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-2665"]}], "rev": 4}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2014-2665"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2891-3:4C320"]}, {"type": "nessus", "idList": ["MANDRIVA_MDVSA-2014-083.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:867678"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13764"]}, {"type": "seebug", "idList": ["SSV:62081"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-2665"]}]}, "exploitation": null, "vulnersScore": 6.1}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647589307, "score": 0}}
{"seebug": [{"lastseen": "2017-11-19T17:28:37", "description": "Bugtraq ID:66600\r\nCVE ID:CVE-2014-2665\r\n\r\nMediaWiki\u662f\u4e00\u6b3eWiki\u7a0b\u5e8f\u3002\r\n\r\nMediaWiki 'Special:ChangePassword'\u5b58\u5728\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u6784\u5efa\u6076\u610fURI\uff0c\u8bf1\u4f7f\u7528\u6237\u89e3\u6790\uff0c\u53ef\u4ee5\u76ee\u6807\u7528\u6237\u4e0a\u4e0b\u6587\u6267\u884c\u6076\u610f\u64cd\u4f5c\u3002\n0\nMediaWiki 1.22.5\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8bf7\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttps://bugzilla.wikimedia.org/show_bug.cgi?id=62497", "cvss3": {}, "published": "2014-04-08T00:00:00", "title": "MediaWiki 'Special:ChangePassword'\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2014-2665"], "modified": "2014-04-08T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62081", "id": "SSV:62081", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:NONE/A:NONE/"}}], "nessus": [{"lastseen": "2022-04-16T14:03:32", "description": "According to its version number, the instance of MediaWiki running on the remote host is affected by a cross-site request forgery vulnerability.\n\nA flaw exists with Special:ChangePassword within the includes/specials/SpecialChangePassword.php script where HTTP requests do not require explicit confirmation, a unique token, and/or multiple steps performing sensitive actions. This allows a context-dependent attacker to reset a user's password.\n\nNessus has not tested for this issue but has instead relied on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2014-04-02T00:00:00", "type": "nessus", "title": "MediaWiki < 1.19.14 / 1.21.8 / 1.22.5 ChangePassword XSRF", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-2665"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:mediawiki:mediawiki"], "id": "MEDIAWIKI_1_19_14.NASL", "href": "https://www.tenable.com/plugins/nessus/73305", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73305);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2014-2665\");\n script_bugtraq_id(66600);\n\n script_name(english:\"MediaWiki < 1.19.14 / 1.21.8 / 1.22.5 ChangePassword XSRF\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server contains an application that is affected by a\ncross-site request forgery vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version number, the instance of MediaWiki running on\nthe remote host is affected by a cross-site request forgery\nvulnerability.\n\nA flaw exists with Special:ChangePassword within the\nincludes/specials/SpecialChangePassword.php script where HTTP requests\ndo not require explicit confirmation, a unique token, and/or multiple\nsteps performing sensitive actions. This allows a context-dependent\nattacker to reset a user's password.\n\nNessus has not tested for this issue but has instead relied on the\napplication's self-reported version number.\");\n # https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-March/000145.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?78c1dedb\");\n # https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-April/000147.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?279f2f2c\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mediawiki.org/wiki/Release_notes/1.19\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mediawiki.org/wiki/Release_notes/1.21\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mediawiki.org/wiki/Release_notes/1.22\");\n script_set_attribute(attribute:\"see_also\", value:\"https://phabricator.wikimedia.org/T64497\");\n # https://www.mediawiki.org/w/index.php?title=Thread:Project:Support_desk/Session_Hijacking_error_after_Update_1.19.14&lqt_oldid=54478\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7505c42f\");\n script_set_attribute(attribute:\"see_also\", value:\"https://phabricator.wikimedia.org/T64497#c14\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MediaWiki version 1.19.15 / 1.21.8 / 1.22.5 or later.\n\nNote that a fix for this issue was implemented with 1.19.14 but the\npatch contains a mistake; users of 1.19.x should update to 1.19.15.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/02\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mediawiki:mediawiki\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mediawiki_detect.nasl\");\n script_require_keys(\"Settings/ParanoidReport\", \"installed_sw/MediaWiki\", \"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"install_func.inc\");\n\napp = \"MediaWiki\";\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nport = get_http_port(default:80, php:TRUE);\n\ninstall = get_single_install(\n app_name : app,\n port : port,\n exit_if_unknown_ver : TRUE\n);\nversion = install['version'];\ninstall_url = build_url(qs:install['path'], port:port);\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# Detecting for all previous versions.\nif (\n version =~ \"^1\\.19\\.([0-9]|1[0-3])([^0-9]|$)\" ||\n version =~ \"^1\\.21\\.[0-7]([^0-9]|$)\" ||\n version =~ \"^1\\.22\\.[0-4]([^0-9]|$)\"\n)\n{\n set_kb_item(name:\"www/\"+port+\"/XSRF\", value:TRUE);\n if (report_verbosity > 0)\n {\n report =\n '\\n URL : ' + install_url +\n '\\n Installed version : ' + version +\n '\\n Fixed versions : 1.19.15 / 1.21.8 / 1.22.5' +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, app, install_url, version);\n", "cvss": {"score": 4, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:50:43", "description": "- (bug 62497) SECURITY: Add CSRF token on Special:ChangePassword.\n\n - (bug 62467) Set a title for the context during import on the cli.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-04-09T00:00:00", "type": "nessus", "title": "Fedora 19 : mediawiki-1.21.8-1.fc19 (2014-4511)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-2665"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mediawiki", "cpe:/o:fedoraproject:fedora:19"], "id": "FEDORA_2014-4511.NASL", "href": "https://www.tenable.com/plugins/nessus/73426", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-4511.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73426);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-2665\");\n script_bugtraq_id(66600);\n script_xref(name:\"FEDORA\", value:\"2014-4511\");\n\n script_name(english:\"Fedora 19 : mediawiki-1.21.8-1.fc19 (2014-4511)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - (bug 62497) SECURITY: Add CSRF token on\n Special:ChangePassword.\n\n - (bug 62467) Set a title for the context during import\n on the cli.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1081891\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131306.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?26376790\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mediawiki package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mediawiki\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"mediawiki-1.21.8-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mediawiki\");\n}\n", "cvss": {"score": 4, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:50:28", "description": "In versions older than 1.22.5, 1.21.8, and 1.19.14, WikiMedia contains a flaw in Special:ChangePassword, due to its implementation of the password reset action. An attacker could leverage the lack of explicit confirmation, unique tokens, or multi-step process, to induce a victim to reset their password via a specially crafted link.", "cvss3": {"score": 3.7, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2014-04-03T00:00:00", "type": "nessus", "title": "MediaWiki Password Reset Cross-site Request Forgery Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-2665"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*"], "id": "8181.PRM", "href": "https://www.tenable.com/plugins/nnm/8181", "sourceData": "Binary data 8181.prm", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:50:23", "description": "Updated mediawiki packages fix security vulnerabilities :\n\nLogin CSRF issue in MediaWiki before 1.22.5 in Special:ChangePassword, whereby a user can be logged into an attackers account without being aware of it, allowing the attacker to track the user's activity (CVE-2014-2665).\n\nXSS vulnerability in MediaWiki before 1.22.6, where if the default sort key is set to a string containing a script, the script will be executed when the page is viewed using the info action.\n\nMediaWiki has been updated to version 1.22.6, fixing this and other issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-05-09T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : mediawiki (MDVSA-2014:083)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-2665"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:mediawiki", "p-cpe:/a:mandriva:linux:mediawiki-mysql", "p-cpe:/a:mandriva:linux:mediawiki-pgsql", "p-cpe:/a:mandriva:linux:mediawiki-sqlite", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2014-083.NASL", "href": "https://www.tenable.com/plugins/nessus/73934", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:083. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73934);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-2665\");\n script_bugtraq_id(66600);\n script_xref(name:\"MDVSA\", value:\"2014:083\");\n\n script_name(english:\"Mandriva Linux Security Advisory : mediawiki (MDVSA-2014:083)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated mediawiki packages fix security vulnerabilities :\n\nLogin CSRF issue in MediaWiki before 1.22.5 in Special:ChangePassword,\nwhereby a user can be logged into an attackers account without being\naware of it, allowing the attacker to track the user's activity\n(CVE-2014-2665).\n\nXSS vulnerability in MediaWiki before 1.22.6, where if the default\nsort key is set to a string containing a script, the script will be\nexecuted when the page is viewed using the info action.\n\nMediaWiki has been updated to version 1.22.6, fixing this and other\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0157.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0197.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mediawiki\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mediawiki-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mediawiki-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mediawiki-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"mediawiki-1.22.6-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"mediawiki-mysql-1.22.6-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"mediawiki-pgsql-1.22.6-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"mediawiki-sqlite-1.22.6-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:50:31", "description": "- (bug 62497) SECURITY: Add CSRF token on Special:ChangePassword.\n\n - (bug 62467) Set a title for the context during import on the cli.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-04-09T00:00:00", "type": "nessus", "title": "Fedora 20 : mediawiki-1.21.8-1.fc20 (2014-4478)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-2665"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mediawiki", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-4478.NASL", "href": "https://www.tenable.com/plugins/nessus/73425", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-4478.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73425);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-2665\");\n script_bugtraq_id(66600);\n script_xref(name:\"FEDORA\", value:\"2014-4478\");\n\n script_name(english:\"Fedora 20 : mediawiki-1.21.8-1.fc20 (2014-4478)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - (bug 62497) SECURITY: Add CSRF token on\n Special:ChangePassword.\n\n - (bug 62467) Set a title for the context during import\n on the cli.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1081891\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131292.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?25aef916\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mediawiki package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mediawiki\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"mediawiki-1.21.8-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mediawiki\");\n}\n", "cvss": {"score": 4, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:50:55", "description": "The remote Debian host is missing a security update. It is, therefore, affected by multiple vulnerabilities in MediaWiki :\n\n - A cross-site scripting (XSS) vulnerability exists due to a failure to validate input before returning it to the user. An unauthenticated, remote attacker can exploit this, via specially crafted SVG files, to execute arbitrary script code in the user's browser session.\n (CVE-2013-2031)\n\n - A flaw exists in the password blocking mechanism due to two different tools being used to block password change requests, these being Special:PasswordReset and Special:ChangePassword, either of which may be bypassed by the method the other prevents. A remote attacker can exploit this issue to change passwords. (CVE-2013-2032)\n\n - Multiple flaws exist in Sanitizer::checkCss due to the improper sanitization of user-supplied input. An unauthenticated, remote attacker can exploit these to bypass the blacklist. (CVE-2013-4567, CVE-2013-4568)\n\n - A flaw exists due to multiple users being granted the same session ID within HTTP headers. A remote attacker can exploit this to authenticate as another random user. (CVE-2013-4572)\n\n - A cross-site scripting (XSS) vulnerability exists in the /includes/libs/XmlTypeCheck.php script due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted XSL file, to execute arbitrary script code in the user's browser session. (CVE-2013-6452)\n\n - A flaw exists in the /includes/upload/UploadBase.php script due to a failure to apply SVG sanitization when XML files are read as invalid. An unauthenticated, remote attacker can exploit this to upload non-sanitized XML files, resulting in an unspecified impact.\n (CVE-2013-6453)\n\n - A stored cross-site (XSS) scripting vulnerability exists in the /includes/Sanitizer.php script due to a failure to properly validate the '-o-link' attribute before returning it to users. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in the user's browser session. (CVE-2013-6454)\n\n - A flaw exists in the log API within the /includes/api/ApiQueryLogEvents.php script that allows an unauthenticated, remote attacker to disclose potentially sensitive information regarding deleted pages. (CVE-2013-6472)\n\n - Multiple flaws exist in the PdfHandler_body.php, DjVu.php, Bitmap.php, and ImageHandler.php scripts when DjVu or PDF file upload support is enabled due to improper sanitization of user-supplied input. An authenticated, remote attacker can exploit these, via the use of shell metacharacters, to execute execute arbitrary shell commands. (CVE-2014-1610)\n\n - A cross-site request forgery (XSRF) vulnerability exists in the includes/specials/SpecialChangePassword.php script due to a failure to properly handle a correctly authenticated but unintended login attempt. An unauthenticated, remote attacker, by convincing a user to follow a specially crafted link, can exploit this to reset the user's password. (CVE-2014-2665)", "cvss3": {"score": null, "vector": null}, "published": "2014-03-31T00:00:00", "type": "nessus", "title": "Debian DSA-2891-1 : mediawiki, mediawiki-extensions Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2031", "CVE-2013-2032", "CVE-2013-4567", "CVE-2013-4568", "CVE-2013-4572", "CVE-2013-6452", "CVE-2013-6453", "CVE-2013-6454", "CVE-2013-6472", "CVE-2014-1610", "CVE-2014-2665"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:mediawiki", "p-cpe:/a:debian:debian_linux:mediawiki-extensions", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2891.NASL", "href": "https://www.tenable.com/plugins/nessus/73256", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were\n# extracted from Debian Security Advisory DSA-2891\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73256);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\n \"CVE-2013-2031\",\n \"CVE-2013-2032\",\n \"CVE-2013-4567\",\n \"CVE-2013-4568\",\n \"CVE-2013-4572\",\n \"CVE-2013-6452\",\n \"CVE-2013-6453\",\n \"CVE-2013-6454\",\n \"CVE-2013-6472\",\n \"CVE-2014-1610\",\n \"CVE-2014-2665\"\n );\n script_bugtraq_id(\n 59594,\n 59595,\n 63757,\n 63760,\n 63761,\n 65003,\n 65223,\n 66600\n );\n script_xref(name:\"DSA\", value:\"2891\");\n\n script_name(english:\"Debian DSA-2891-1 : mediawiki, mediawiki-extensions Multiple Vulnerabilities\");\n script_summary(english:\"Checks the dpkg output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian host is missing a security update. It is, therefore,\naffected by multiple vulnerabilities in MediaWiki :\n\n - A cross-site scripting (XSS) vulnerability exists due to\n a failure to validate input before returning it to the\n user. An unauthenticated, remote attacker can exploit\n this, via specially crafted SVG files, to execute\n arbitrary script code in the user's browser session.\n (CVE-2013-2031)\n\n - A flaw exists in the password blocking mechanism due to\n two different tools being used to block password change\n requests, these being Special:PasswordReset and\n Special:ChangePassword, either of which may be bypassed\n by the method the other prevents. A remote attacker can\n exploit this issue to change passwords. (CVE-2013-2032)\n\n - Multiple flaws exist in Sanitizer::checkCss due to the\n improper sanitization of user-supplied input. An\n unauthenticated, remote attacker can exploit these to\n bypass the blacklist. (CVE-2013-4567, CVE-2013-4568)\n\n - A flaw exists due to multiple users being granted the\n same session ID within HTTP headers. A remote attacker\n can exploit this to authenticate as another random\n user. (CVE-2013-4572)\n\n - A cross-site scripting (XSS) vulnerability exists in the\n /includes/libs/XmlTypeCheck.php script due to improper\n validation of user-supplied input. An unauthenticated,\n remote attacker can exploit this, via a specially\n crafted XSL file, to execute arbitrary script code in\n the user's browser session. (CVE-2013-6452)\n\n - A flaw exists in the /includes/upload/UploadBase.php\n script due to a failure to apply SVG sanitization when\n XML files are read as invalid. An unauthenticated,\n remote attacker can exploit this to upload non-sanitized\n XML files, resulting in an unspecified impact.\n (CVE-2013-6453)\n\n - A stored cross-site (XSS) scripting vulnerability exists\n in the /includes/Sanitizer.php script due to a failure\n to properly validate the '-o-link' attribute before\n returning it to users. An unauthenticated, remote\n attacker can exploit this, via a specially crafted\n request, to execute arbitrary script code in the user's\n browser session. (CVE-2013-6454)\n\n - A flaw exists in the log API within the\n /includes/api/ApiQueryLogEvents.php script that allows\n an unauthenticated, remote attacker to disclose\n potentially sensitive information regarding deleted\n pages. (CVE-2013-6472)\n\n - Multiple flaws exist in the PdfHandler_body.php,\n DjVu.php, Bitmap.php, and ImageHandler.php scripts when\n DjVu or PDF file upload support is enabled due to\n improper sanitization of user-supplied input. An\n authenticated, remote attacker can exploit these, via\n the use of shell metacharacters, to execute execute\n arbitrary shell commands. (CVE-2014-1610)\n\n - A cross-site request forgery (XSRF) vulnerability exists\n in the includes/specials/SpecialChangePassword.php\n script due to a failure to properly handle a correctly\n authenticated but unintended login attempt. An\n unauthenticated, remote attacker, by convincing a user\n to follow a specially crafted link, can exploit this to\n reset the user's password. (CVE-2014-2665)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729629\");\n script_set_attribute(attribute:\"see_also\", value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706601\");\n script_set_attribute(attribute:\"see_also\", value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742857\");\n script_set_attribute(attribute:\"see_also\", value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742857\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2013-2031\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2013-2032\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2013-4567\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2013-4568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2013-4572\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2013-6452\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2013-6453\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2013-6454\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2013-6472\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2014-1610\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2014-2665\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/wheezy/mediawiki\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/wheezy/mediawiki-extensions\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.debian.org/security/2014/dsa-2891\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the mediawiki packages. For the stable distribution (wheezy),\nthese issues have been fixed in version 1:1.19.14+dfsg-0+deb7u1 of the\nmediawiki package and version 3.5~deb7u1 of the mediawiki-extensions\npackage.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"MediaWiki thumb.php page Parameter Remote Shell Command Injection\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'MediaWiki Thumb.php Remote Command Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mediawiki\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mediawiki-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\noslevel = get_kb_item(\"Host/Debian/release\"); \nif (empty_or_null(oslevel)) audit(AUDIT_OS_NOT, \"Debian\");\nif (oslevel !~ \"^7\\.\") audit(AUDIT_OS_NOT, \"Debian 7\", \"Debian \" + oslevel);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"mediawiki\", reference:\"1:1.19.14+dfsg-0+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"mediawiki-extensions\", reference:\"3.5~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"mediawiki-extensions-base\", reference:\"3.5~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"mediawiki-extensions-collection\", reference:\"3.5~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"mediawiki-extensions-geshi\", reference:\"3.5~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"mediawiki-extensions-graphviz\", reference:\"3.5~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"mediawiki-extensions-ldapauth\", reference:\"3.5~deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"mediawiki-extensions-openid\", reference:\"3.5~deb7u1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n xss : TRUE,\n xsrf : TRUE,\n extra : deb_report_get()\n );\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:46:56", "description": "The remote host is affected by the vulnerability described in GLSA-201502-04 (MediaWiki: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in MediaWiki. Please review the CVE identifiers and MediaWiki announcement referenced below for details.\n Impact :\n\n A remote attacker may be able to execute arbitrary code with the privileges of the process, create a Denial of Service condition, obtain sensitive information, bypass security restrictions, and inject arbitrary web script or HTML.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2015-02-09T00:00:00", "type": "nessus", "title": "GLSA-201502-04 : MediaWiki: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6451", "CVE-2013-6452", "CVE-2013-6453", "CVE-2013-6454", "CVE-2013-6472", "CVE-2014-1610", "CVE-2014-2242", "CVE-2014-2243", "CVE-2014-2244", "CVE-2014-2665", "CVE-2014-2853", "CVE-2014-5241", "CVE-2014-5242", "CVE-2014-5243", "CVE-2014-7199", "CVE-2014-7295", "CVE-2014-9276", "CVE-2014-9277", "CVE-2014-9475", "CVE-2014-9476", "CVE-2014-9477", "CVE-2014-9478", "CVE-2014-9479", "CVE-2014-9480", "CVE-2014-9481", "CVE-2014-9487", "CVE-2014-9507"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:mediawiki", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201502-04.NASL", "href": "https://www.tenable.com/plugins/nessus/81227", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201502-04.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81227);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-6451\", \"CVE-2013-6452\", \"CVE-2013-6453\", \"CVE-2013-6454\", \"CVE-2013-6472\", \"CVE-2014-1610\", \"CVE-2014-2242\", \"CVE-2014-2243\", \"CVE-2014-2244\", \"CVE-2014-2665\", \"CVE-2014-2853\", \"CVE-2014-5241\", \"CVE-2014-5242\", \"CVE-2014-5243\", \"CVE-2014-7199\", \"CVE-2014-7295\", \"CVE-2014-9276\", \"CVE-2014-9277\", \"CVE-2014-9475\", \"CVE-2014-9476\", \"CVE-2014-9477\", \"CVE-2014-9478\", \"CVE-2014-9479\", \"CVE-2014-9480\", \"CVE-2014-9481\", \"CVE-2014-9487\", \"CVE-2014-9507\");\n script_xref(name:\"GLSA\", value:\"201502-04\");\n\n script_name(english:\"GLSA-201502-04 : MediaWiki: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201502-04\n(MediaWiki: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in MediaWiki. Please\n review the CVE identifiers and MediaWiki announcement referenced below\n for details.\n \nImpact :\n\n A remote attacker may be able to execute arbitrary code with the\n privileges of the process, create a Denial of Service condition, obtain\n sensitive information, bypass security restrictions, and inject arbitrary\n web script or HTML.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n # https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-June/000155.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4ef35312\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201502-04\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All MediaWiki 1.23 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-apps/mediawiki-1.23.8'\n All MediaWiki 1.22 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-apps/mediawiki-1.22.15'\n All MediaWiki 1.19 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-apps/mediawiki-1.19.23'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"MediaWiki thumb.php page Parameter Remote Shell Command Injection\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'MediaWiki Thumb.php Remote Command Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mediawiki\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-apps/mediawiki\", unaffected:make_list(\"ge 1.23.8\", \"rge 1.22.15\", \"rge 1.19.23\"), vulnerable:make_list(\"lt 1.23.8\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MediaWiki\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Updated mediawiki packages fix security vulnerability: Login CSRF issue in MediaWiki before 1.22.5 in Special:ChangePassword, whereby a user can be logged into an attackers account without being aware of it, allowing the attacker to track the user's activity (CVE-2014-2665). MediaWiki has been updated to version 1.22.5, fixing this and other issues. \n", "cvss3": {}, "published": "2014-04-03T13:29:32", "type": "mageia", "title": "Updated mediawiki packages fix CVE-2014-2665\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-2665"], "modified": "2014-04-03T13:29:32", "id": "MGASA-2014-0157", "href": "https://advisories.mageia.org/MGASA-2014-0157.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}], "debiancve": [{"lastseen": "2022-04-04T14:21:56", "description": "includes/specials/SpecialChangePassword.php in MediaWiki before 1.19.14, 1.20.x and 1.21.x before 1.21.8, and 1.22.x before 1.22.5 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account, as demonstrated by tracking the victim's activity, related to a \"login CSRF\" issue.", "cvss3": {}, "published": "2014-04-20T01:55:00", "type": "debiancve", "title": "CVE-2014-2665", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-2665"], "modified": "2014-04-20T01:55:00", "id": "DEBIANCVE:CVE-2014-2665", "href": "https://security-tracker.debian.org/tracker/CVE-2014-2665", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:51:55", "description": "includes/specials/SpecialChangePassword.php in MediaWiki before 1.19.14,\n1.20.x and 1.21.x before 1.21.8, and 1.22.x before 1.22.5 does not properly\nhandle a correctly authenticated but unintended login attempt, which makes\nit easier for remote authenticated users to obtain sensitive information by\narranging for a victim to login to the attacker's account, as demonstrated\nby tracking the victim's activity, related to a \"login CSRF\" issue.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742857>\n * <https://bugs.launchpad.net/ubuntu/+source/mediawiki/+bug/1370227>\n", "cvss3": {}, "published": "2014-04-20T00:00:00", "type": "ubuntucve", "title": "CVE-2014-2665", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-2665"], "modified": "2014-04-20T00:00:00", "id": "UB:CVE-2014-2665", "href": "https://ubuntu.com/security/CVE-2014-2665", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2022-03-23T12:40:51", "description": "includes/specials/SpecialChangePassword.php in MediaWiki before 1.19.14, 1.20.x and 1.21.x before 1.21.8, and 1.22.x before 1.22.5 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker's account, as demonstrated by tracking the victim's activity, related to a \"login CSRF\" issue.", "cvss3": {}, "published": "2014-04-20T01:55:00", "type": "cve", "title": "CVE-2014-2665", "cwe": ["CWE-287"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-2665"], "modified": "2014-04-24T05:06:00", "cpe": ["cpe:/a:mediawiki:mediawiki:1.21.6", "cpe:/a:mediawiki:mediawiki:1.21.7", "cpe:/a:mediawiki:mediawiki:1.20", "cpe:/a:mediawiki:mediawiki:1.19.10", "cpe:/a:mediawiki:mediawiki:1.21.3", "cpe:/a:mediawiki:mediawiki:1.19.1", "cpe:/a:mediawiki:mediawiki:1.19.2", "cpe:/a:mediawiki:mediawiki:1.22.1", "cpe:/a:mediawiki:mediawiki:1.19.6", "cpe:/a:mediawiki:mediawiki:1.22.2", "cpe:/a:mediawiki:mediawiki:1.20.2", "cpe:/a:mediawiki:mediawiki:1.19.4", "cpe:/a:mediawiki:mediawiki:1.19.0", "cpe:/a:mediawiki:mediawiki:1.22.0", "cpe:/a:mediawiki:mediawiki:1.22.3", "cpe:/a:mediawiki:mediawiki:1.19.5", "cpe:/a:mediawiki:mediawiki:1.20.5", "cpe:/a:mediawiki:mediawiki:1.21", "cpe:/a:mediawiki:mediawiki:1.19.13", "cpe:/a:mediawiki:mediawiki:1.19", "cpe:/a:mediawiki:mediawiki:1.19.11", "cpe:/a:mediawiki:mediawiki:1.21.2", "cpe:/a:mediawiki:mediawiki:1.20.6", "cpe:/a:mediawiki:mediawiki:1.19.3", "cpe:/a:mediawiki:mediawiki:1.21.1", "cpe:/a:mediawiki:mediawiki:1.20.3", "cpe:/a:mediawiki:mediawiki:1.20.1", "cpe:/a:mediawiki:mediawiki:1.21.5", "cpe:/a:mediawiki:mediawiki:1.20.7", "cpe:/a:mediawiki:mediawiki:1.19.12", "cpe:/a:mediawiki:mediawiki:1.19.9", "cpe:/a:mediawiki:mediawiki:1.22.4", "cpe:/a:mediawiki:mediawiki:1.20.4", "cpe:/a:mediawiki:mediawiki:1.20.8", "cpe:/a:mediawiki:mediawiki:1.19.8", "cpe:/a:mediawiki:mediawiki:1.19.7", "cpe:/a:mediawiki:mediawiki:1.21.4"], "id": "CVE-2014-2665", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2665", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:mediawiki:mediawiki:1.19.12:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.21.3:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.19.4:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.19:beta_2:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.19:beta_1:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.19:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.19.13:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.19.10:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.22.1:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.19.3:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.19.6:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.20.5:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.19.11:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.19.5:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.22.2:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.20.6:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.22.0:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.21.6:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.20.3:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.20.1:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.21.4:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.19.8:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.21.2:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.20.4:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.21.1:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.22.4:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.21:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.20:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.19.9:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.20.8:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.21.7:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.19.7:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.20.2:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.22.3:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.19.2:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.21.5:*:*:*:*:*:*:*", "cpe:2.3:a:mediawiki:mediawiki:1.20.7:*:*:*:*:*:*:*"]}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "description": "MediaWiki is the software used for Wikipedia and the other Wikimedia Foundation websites. Compared to other wikis, it has an excellent range of features and support for high-traffic websites using multiple servers This package supports wiki farms. Read the instructions for creating wiki instances under /usr/share/doc/mediawiki-1.21.8/README.RPM. Remember to remove the config dir after completing the configuration. ", "edition": 2, "cvss3": {}, "published": "2014-04-09T01:03:53", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: mediawiki-1.21.8-1.fc19", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6451", "CVE-2013-6452", "CVE-2013-6453", "CVE-2013-6454", "CVE-2013-6472", "CVE-2014-1610", "CVE-2014-2665"], "modified": "2014-04-09T01:03:53", "id": "FEDORA:A746520CC1", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "description": "MediaWiki is the software used for Wikipedia and the other Wikimedia Foundation websites. Compared to other wikis, it has an excellent range of features and support for high-traffic websites using multiple servers This package supports wiki farms. Read the instructions for creating wiki instances under /usr/share/doc/mediawiki/README.RPM. Remember to remove the config dir after completing the configuration. ", "edition": 2, "cvss3": {}, "published": "2014-04-09T01:00:28", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: mediawiki-1.21.8-1.fc20", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6451", "CVE-2013-6452", "CVE-2013-6453", "CVE-2013-6454", "CVE-2013-6472", "CVE-2014-1610", "CVE-2014-2665"], "modified": "2014-04-09T01:00:28", "id": "FEDORA:380E022043", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2017-07-25T10:48:22", "description": "Check for the Version of mediawiki", "cvss3": {}, "published": "2014-04-10T00:00:00", "type": "openvas", "title": "Fedora Update for mediawiki FEDORA-2014-4511", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1610", "CVE-2013-6453", "CVE-2013-6472", "CVE-2013-6452", "CVE-2014-2665", "CVE-2013-6454", "CVE-2013-6451"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:867678", "href": "http://plugins.openvas.org/nasl.php?oid=867678", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mediawiki FEDORA-2014-4511\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867678);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-10 13:15:34 +0530 (Thu, 10 Apr 2014)\");\n script_cve_id(\"CVE-2014-1610\", \"CVE-2013-6452\", \"CVE-2013-6451\", \"CVE-2013-6454\",\n \"CVE-2013-6453\", \"CVE-2013-6472\", \"CVE-2014-2665\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_name(\"Fedora Update for mediawiki FEDORA-2014-4511\");\n\n tag_insight = \"MediaWiki is the software used for Wikipedia and the other Wikimedia\nFoundation websites. Compared to other wikis, it has an excellent\nrange of features and support for high-traffic websites using multiple\nservers\n\nThis package supports wiki farms. Read the instructions for creating wiki\ninstances under /usr/share/doc/mediawiki-1.21.8/README.RPM.\nRemember to remove the config dir after completing the configuration.\n\";\n\n tag_affected = \"mediawiki on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-4511\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131306.html\");\n script_summary(\"Check for the Version of mediawiki\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"mediawiki\", rpm:\"mediawiki~1.21.8~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:48:57", "description": "Check for the Version of mediawiki", "cvss3": {}, "published": "2014-04-10T00:00:00", "type": "openvas", "title": "Fedora Update for mediawiki FEDORA-2014-4478", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1610", "CVE-2013-6453", "CVE-2013-6472", "CVE-2013-6452", "CVE-2014-2665", "CVE-2013-6454", "CVE-2013-6451"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:867675", "href": "http://plugins.openvas.org/nasl.php?oid=867675", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mediawiki FEDORA-2014-4478\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867675);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-10 13:14:56 +0530 (Thu, 10 Apr 2014)\");\n script_cve_id(\"CVE-2014-1610\", \"CVE-2013-6452\", \"CVE-2013-6451\", \"CVE-2013-6454\",\n \"CVE-2013-6453\", \"CVE-2013-6472\", \"CVE-2014-2665\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_name(\"Fedora Update for mediawiki FEDORA-2014-4478\");\n\n tag_insight = \"MediaWiki is the software used for Wikipedia and the other Wikimedia\nFoundation websites. Compared to other wikis, it has an excellent\nrange of features and support for high-traffic websites using multiple\nservers\n\nThis package supports wiki farms. Read the instructions for creating wiki\ninstances under /usr/share/doc/mediawiki/README.RPM.\nRemember to remove the config dir after completing the configuration.\n\";\n\n tag_affected = \"mediawiki on Fedora 20\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-4478\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131292.html\");\n script_summary(\"Check for the Version of mediawiki\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"mediawiki\", rpm:\"mediawiki~1.21.8~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-02-04T18:49:30", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-04-10T00:00:00", "type": "openvas", "title": "Fedora Update for mediawiki FEDORA-2014-4478", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1610", "CVE-2013-6453", "CVE-2013-6472", "CVE-2013-6452", "CVE-2014-2665", "CVE-2013-6454", "CVE-2013-6451"], "modified": "2020-02-04T00:00:00", "id": "OPENVAS:1361412562310867675", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867675", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mediawiki FEDORA-2014-4478\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867675\");\n script_version(\"2020-02-04T09:04:16+0000\");\n script_tag(name:\"last_modification\", value:\"2020-02-04 09:04:16 +0000 (Tue, 04 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-04-10 13:14:56 +0530 (Thu, 10 Apr 2014)\");\n script_cve_id(\"CVE-2014-1610\", \"CVE-2013-6452\", \"CVE-2013-6451\", \"CVE-2013-6454\",\n \"CVE-2013-6453\", \"CVE-2013-6472\", \"CVE-2014-2665\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for mediawiki FEDORA-2014-4478\");\n script_tag(name:\"affected\", value:\"mediawiki on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-4478\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131292.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mediawiki'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"mediawiki\", rpm:\"mediawiki~1.21.8~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-02-04T18:50:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-04-10T00:00:00", "type": "openvas", "title": "Fedora Update for mediawiki FEDORA-2014-4511", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1610", "CVE-2013-6453", "CVE-2013-6472", "CVE-2013-6452", "CVE-2014-2665", "CVE-2013-6454", "CVE-2013-6451"], "modified": "2020-02-04T00:00:00", "id": "OPENVAS:1361412562310867678", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867678", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mediawiki FEDORA-2014-4511\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867678\");\n script_version(\"2020-02-04T09:04:16+0000\");\n script_tag(name:\"last_modification\", value:\"2020-02-04 09:04:16 +0000 (Tue, 04 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-04-10 13:15:34 +0530 (Thu, 10 Apr 2014)\");\n script_cve_id(\"CVE-2014-1610\", \"CVE-2013-6452\", \"CVE-2013-6451\", \"CVE-2013-6454\",\n \"CVE-2013-6453\", \"CVE-2013-6472\", \"CVE-2014-2665\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for mediawiki FEDORA-2014-4511\");\n script_tag(name:\"affected\", value:\"mediawiki on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-4511\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131306.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mediawiki'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"mediawiki\", rpm:\"mediawiki~1.21.8~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-26T08:49:02", "description": "Several vulnerabilities were discovered in MediaWiki, a wiki engine.\nThe Common Vulnerabilities and Exposures project identifies the following\nissues:\n\nCVE-2013-2031 \nCross-site scripting attack via valid UTF-7 encoded sequences\nin a SVG file.\n\nCVE-2013-4567 & CVE-2013-4568 \nKevin Israel (Wikipedia user PleaseStand) reported two ways\nto inject Javascript due to an incomplete blacklist in the\nCSS sanitizer function.\n\nCVE-2013-4572 \nMediaWiki and the CentralNotice extension were incorrectly setting\ncache headers when a user was autocreated, causing the user's\nsession cookies to be cached, and returned to other users.\n\nCVE-2013-6452 \nChris from RationalWiki reported that SVG files could be\nuploaded that include external stylesheets, which could lead to\nXSS when an XSL was used to include JavaScript.\n\nCVE-2013-6453 \nMediaWiki's SVG sanitization could be bypassed when the XML was\nconsidered invalid.\n\nCVE-2013-6454 \nMediaWiki's CSS sanitization did not filter -o-link attributes,\nwhich could be used to execute JavaScript in Opera 12.\n\nCVE-2013-6472 \nMediaWiki displayed some information about deleted pages in\nthe log API, enhanced RecentChanges, and user watchlists.\n\nCVE-2014-1610 \nA remote code execution vulnerability existed if file upload\nsupport for DjVu (natively handled) or PDF files (in\ncombination with the PdfHandler extension) was enabled.\nNeither file type is enabled by default in MediaWiki.\n\nCVE-2014-2665 \nCross site request forgery in login form: an attacker could login\na victim as the attacker.", "cvss3": {}, "published": "2014-03-30T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2891-1 (mediawiki, mediawiki-extensions - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4567", "CVE-2013-2031", "CVE-2014-1610", "CVE-2013-6453", "CVE-2013-4568", "CVE-2013-6472", "CVE-2013-6452", "CVE-2014-2665", "CVE-2013-6454", "CVE-2013-4572"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:702891", "href": "http://plugins.openvas.org/nasl.php?oid=702891", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2891.nasl 6663 2017-07-11 09:58:05Z teissa $\n# Auto-generated from advisory DSA 2891-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"mediawiki, mediawiki-extensions on Debian Linux\";\ntag_solution = \"For the stable distribution (wheezy), these problems have been fixed in\nversion 1:1.19.14+dfsg-0+deb7u1 of the mediawiki package and 3.5~deb7u1\nof the mediawiki-extensions package.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1:1.19.14+dfsg-1 of the mediawiki package and 3.5 of the\nmediawiki-extensions package.\n\nWe recommend that you upgrade your mediawiki packages.\";\ntag_summary = \"Several vulnerabilities were discovered in MediaWiki, a wiki engine.\nThe Common Vulnerabilities and Exposures project identifies the following\nissues:\n\nCVE-2013-2031 \nCross-site scripting attack via valid UTF-7 encoded sequences\nin a SVG file.\n\nCVE-2013-4567 & CVE-2013-4568 \nKevin Israel (Wikipedia user PleaseStand) reported two ways\nto inject Javascript due to an incomplete blacklist in the\nCSS sanitizer function.\n\nCVE-2013-4572 \nMediaWiki and the CentralNotice extension were incorrectly setting\ncache headers when a user was autocreated, causing the user's\nsession cookies to be cached, and returned to other users.\n\nCVE-2013-6452 \nChris from RationalWiki reported that SVG files could be\nuploaded that include external stylesheets, which could lead to\nXSS when an XSL was used to include JavaScript.\n\nCVE-2013-6453 \nMediaWiki's SVG sanitization could be bypassed when the XML was\nconsidered invalid.\n\nCVE-2013-6454 \nMediaWiki's CSS sanitization did not filter -o-link attributes,\nwhich could be used to execute JavaScript in Opera 12.\n\nCVE-2013-6472 \nMediaWiki displayed some information about deleted pages in\nthe log API, enhanced RecentChanges, and user watchlists.\n\nCVE-2014-1610 \nA remote code execution vulnerability existed if file upload\nsupport for DjVu (natively handled) or PDF files (in\ncombination with the PdfHandler extension) was enabled.\nNeither file type is enabled by default in MediaWiki.\n\nCVE-2014-2665 \nCross site request forgery in login form: an attacker could login\na victim as the attacker.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702891);\n script_version(\"$Revision: 6663 $\");\n script_cve_id(\"CVE-2013-2031\", \"CVE-2013-4567\", \"CVE-2013-4568\", \"CVE-2013-4572\", \"CVE-2013-6452\", \"CVE-2013-6453\", \"CVE-2013-6454\", \"CVE-2013-6472\", \"CVE-2014-1610\", \"CVE-2014-2665\");\n script_name(\"Debian Security Advisory DSA 2891-1 (mediawiki, mediawiki-extensions - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-11 11:58:05 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-03-30 00:00:00 +0100 (Sun, 30 Mar 2014)\");\n script_tag(name: \"cvss_base\", value:\"10.0\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2891.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"mediawiki\", ver:\"1:1.19.14+dfsg-0+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mediawiki\", ver:\"1:1.19.14+dfsg-0+deb7u1\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mediawiki\", ver:\"1:1.19.14+dfsg-0+deb7u1\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"mediawiki\", ver:\"1:1.19.14+dfsg-0+deb7u1\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-02-13T16:45:45", "description": "Several vulnerabilities were discovered in MediaWiki, a wiki engine.\nThe Common Vulnerabilities and Exposures project identifies the following\nissues:\n\nCVE-2013-2031\nCross-site scripting attack via valid UTF-7 encoded sequences\nin a SVG file.\n\nCVE-2013-4567 & CVE-2013-4568\nKevin Israel (Wikipedia user PleaseStand) reported two ways\nto inject Javascript due to an incomplete blacklist in the\nCSS sanitizer function.\n\nCVE-2013-4572\nMediaWiki and the CentralNotice extension were incorrectly setting\ncache headers when a user was autocreated, causing the user", "cvss3": {}, "published": "2014-03-30T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2891-1 (mediawiki, mediawiki-extensions - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4567", "CVE-2013-2031", "CVE-2014-1610", "CVE-2013-6453", "CVE-2013-4568", "CVE-2013-6472", "CVE-2013-6452", "CVE-2014-2665", "CVE-2013-6454", "CVE-2013-4572"], "modified": "2020-02-13T00:00:00", "id": "OPENVAS:1361412562310702891", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702891", "sourceData": "# OpenVAS Vulnerability Test\n# Auto-generated from advisory DSA 2891-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702891\");\n script_version(\"2020-02-13T09:17:49+0000\");\n script_cve_id(\"CVE-2013-2031\", \"CVE-2013-4567\", \"CVE-2013-4568\", \"CVE-2013-4572\", \"CVE-2013-6452\", \"CVE-2013-6453\", \"CVE-2013-6454\", \"CVE-2013-6472\", \"CVE-2014-1610\", \"CVE-2014-2665\");\n script_name(\"Debian Security Advisory DSA 2891-1 (mediawiki, mediawiki-extensions - security update)\");\n script_tag(name:\"last_modification\", value:\"2020-02-13 09:17:49 +0000 (Thu, 13 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-03-30 00:00:00 +0100 (Sun, 30 Mar 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-2891.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"mediawiki, mediawiki-extensions on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), these problems have been fixed in\nversion 1:1.19.14+dfsg-0+deb7u1 of the mediawiki package and 3.5~deb7u1\nof the mediawiki-extensions package.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1:1.19.14+dfsg-1 of the mediawiki package and 3.5 of the\nmediawiki-extensions package.\n\nWe recommend that you upgrade your mediawiki packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities were discovered in MediaWiki, a wiki engine.\nThe Common Vulnerabilities and Exposures project identifies the following\nissues:\n\nCVE-2013-2031\nCross-site scripting attack via valid UTF-7 encoded sequences\nin a SVG file.\n\nCVE-2013-4567 & CVE-2013-4568\nKevin Israel (Wikipedia user PleaseStand) reported two ways\nto inject Javascript due to an incomplete blacklist in the\nCSS sanitizer function.\n\nCVE-2013-4572\nMediaWiki and the CentralNotice extension were incorrectly setting\ncache headers when a user was autocreated, causing the user's\nsession cookies to be cached, and returned to other users.\n\nCVE-2013-6452\nChris from RationalWiki reported that SVG files could be\nuploaded that include external stylesheets, which could lead to\nXSS when an XSL was used to include JavaScript.\n\nCVE-2013-6453\nMediaWiki's SVG sanitization could be bypassed when the XML was\nconsidered invalid.\n\nCVE-2013-6454\nMediaWiki's CSS sanitization did not filter -o-link attributes,\nwhich could be used to execute JavaScript in Opera 12.\n\nCVE-2013-6472\nMediaWiki displayed some information about deleted pages in\nthe log API, enhanced RecentChanges, and user watchlists.\n\nCVE-2014-1610\nA remote code execution vulnerability existed if file upload\nsupport for DjVu (natively handled) or PDF files (in\ncombination with the PdfHandler extension) was enabled.\nNeither file type is enabled by default in MediaWiki.\n\nCVE-2014-2665\nCross site request forgery in login form: an attacker could login\na victim as the attacker.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"mediawiki\", ver:\"1:1.19.14+dfsg-0+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:44", "description": "Gentoo Linux Local Security Checks GLSA 201502-04", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201502-04", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9476", "CVE-2014-9479", "CVE-2014-2244", "CVE-2014-9477", "CVE-2014-5243", "CVE-2014-5241", "CVE-2014-2242", "CVE-2014-9487", "CVE-2014-5242", "CVE-2014-7199", "CVE-2014-1610", "CVE-2013-6453", "CVE-2014-9277", "CVE-2013-6472", "CVE-2014-9481", "CVE-2014-2243", "CVE-2014-9475", "CVE-2014-9507", "CVE-2013-6452", "CVE-2014-9478", "CVE-2014-2665", "CVE-2014-9276", "CVE-2013-6454", "CVE-2014-2853", "CVE-2013-6451", "CVE-2014-7295", "CVE-2014-9480"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121343", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121343", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201502-04.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121343\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:28 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201502-04\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in MediaWiki. Please review the CVE identifiers and MediaWiki announcement referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201502-04\");\n script_cve_id(\"CVE-2013-6451\", \"CVE-2013-6452\", \"CVE-2013-6453\", \"CVE-2013-6454\", \"CVE-2013-6472\", \"CVE-2014-1610\", \"CVE-2014-2242\", \"CVE-2014-2243\", \"CVE-2014-2244\", \"CVE-2014-2665\", \"CVE-2014-2853\", \"CVE-2014-5241\", \"CVE-2014-5242\", \"CVE-2014-5243\", \"CVE-2014-7199\", \"CVE-2014-7295\", \"CVE-2014-9276\", \"CVE-2014-9277\", \"CVE-2014-9475\", \"CVE-2014-9476\", \"CVE-2014-9477\", \"CVE-2014-9478\", \"CVE-2014-9479\", \"CVE-2014-9480\", \"CVE-2014-9481\", \"CVE-2014-9487\", \"CVE-2014-9507\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201502-04\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-apps/mediawiki\", unaffected: make_list(\"ge 1.23.8\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"www-apps/mediawiki\", unaffected: make_list(\"ge 1.22.15\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"www-apps/mediawiki\", unaffected: make_list(\"ge 1.19.23\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"www-apps/mediawiki\", unaffected: make_list(), vulnerable: make_list(\"lt 1.23.8\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-10-21T23:14:26", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2891-3 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nMarch 31, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : mediawiki, mediawiki-extensions\nCVE ID : CVE-2013-2031 CVE-2013-4567 CVE-2013-4568 CVE-2013-4572 \n CVE-2013-6452 CVE-2013-6453 CVE-2013-6454 CVE-2013-6472\n CVE-2014-1610 CVE-2014-2665\nDebian Bug : 729629 706601 742857 742857\n\nThe Mediawiki update issued as DSA 2891-1 caused regressions. This\nupdate fixes those problems. For reference the original advisory\ntext follows.\n\nSeveral vulnerabilities were discovered in MediaWiki, a wiki engine.\nThe Common Vulnerabilities and Exposures project describers the followin\nissues:\n\nCVE-2013-2031\n\n Cross-site scripting attack via valid UTF-7 encoded sequences\n in a SVG file.\n\nCVE-2013-4567 & CVE-2013-4568\n\n Kevin Israel (Wikipedia user PleaseStand) reported two ways\n to inject Javascript due to an incomplete blacklist in the\n CSS sanitizer function.\n\nCVE-2013-4572\n\n MediaWiki and the CentralNotice extension were incorrectly setting\n cache headers when a user was autocreated, causing the user's\n session cookies to be cached, and returned to other users.\n\nCVE-2013-6452\n\n Chris from RationalWiki reported that SVG files could be\n uploaded that include external stylesheets, which could lead to\n XSS when an XSL was used to include JavaScript.\n\nCVE-2013-6453\n\n MediaWiki's SVG sanitization could be bypassed when the XML was\n considered invalid.\n\nCVE-2013-6454\n\n MediaWiki's CSS sanitization did not filter -o-link attributes,\n which could be used to execute JavaScript in Opera 12.\n\nCVE-2013-6472\n\n MediaWiki displayed some information about deleted pages in\n the log API, enhanced RecentChanges, and user watchlists.\n\nCVE-2014-1610\n\n A remote code execution vulnerability existed if file upload\n support for DjVu (natively handled) or PDF files (in\n combination with the PdfHandler extension) was enabled.\n Neither file type is enabled by default in MediaWiki.\n\nCVE-2014-2665\n\n Cross site request forgery in login form: an attacker could login\n a victim as the attacker.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 1.19.15+dfsg-0+deb7u1 of the mediawiki package and 3.5~deb7u2\nof the mediawiki-extensions package.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1:1.19.15+dfsg-1 of the mediawiki package and 3.5 of the\nmediawiki-extensions package.\n\nWe recommend that you upgrade your mediawiki packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2014-04-04T18:02:59", "type": "debian", "title": "[SECURITY] [DSA 2891-3] mediawiki regression update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2031", "CVE-2013-4567", "CVE-2013-4568", "CVE-2013-4572", "CVE-2013-6452", "CVE-2013-6453", "CVE-2013-6454", "CVE-2013-6472", "CVE-2014-1610", "CVE-2014-2665"], "modified": "2014-04-04T18:02:59", "id": "DEBIAN:DSA-2891-3:4C320", "href": "https://lists.debian.org/debian-security-announce/2014/msg00068.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2021-06-08T18:49:20", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 2, "cvss3": {}, "published": "2014-05-10T00:00:00", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-3430", "CVE-2014-2989", "CVE-2014-3243", "CVE-2014-2301", "CVE-2014-0130", "CVE-2014-3242", "CVE-2014-2665", "CVE-2014-2689", "CVE-2014-3146", "CVE-2014-3225"], "modified": "2014-05-10T00:00:00", "id": "SECURITYVULNS:VULN:13764", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13764", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2022-01-17T19:07:10", "description": "### Background\n\nMediaWiki is a collaborative editing software used by large projects such as Wikipedia. \n\n### Description\n\nMultiple vulnerabilities have been discovered in MediaWiki. Please review the CVE identifiers and MediaWiki announcement referenced below for details. \n\n### Impact\n\nA remote attacker may be able to execute arbitrary code with the privileges of the process, create a Denial of Service condition, obtain sensitive information, bypass security restrictions, and inject arbitrary web script or HTML. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll MediaWiki 1.23 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-apps/mediawiki-1.23.8\"\n \n\nAll MediaWiki 1.22 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-apps/mediawiki-1.22.15\"\n \n\nAll MediaWiki 1.19 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-apps/mediawiki-1.19.23\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2015-02-07T00:00:00", "type": "gentoo", "title": "MediaWiki: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6451", "CVE-2013-6452", "CVE-2013-6453", "CVE-2013-6454", "CVE-2013-6472", "CVE-2014-1610", "CVE-2014-2242", "CVE-2014-2243", "CVE-2014-2244", "CVE-2014-2665", "CVE-2014-2853", "CVE-2014-5241", "CVE-2014-5242", "CVE-2014-5243", "CVE-2014-7199", "CVE-2014-7295", "CVE-2014-9276", "CVE-2014-9277", "CVE-2014-9475", "CVE-2014-9476", "CVE-2014-9477", "CVE-2014-9478", "CVE-2014-9479", "CVE-2014-9480", "CVE-2014-9481", "CVE-2014-9487", "CVE-2014-9507"], "modified": "2015-02-07T00:00:00", "id": "GLSA-201502-04", "href": "https://security.gentoo.org/glsa/201502-04", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
