SB2014060208 - Multiple vulnerabilities in MediaWiki

Description

This security bulletin contains information about 2 vulnerabilities.

1) Input validation error (CVE-ID: CVE-2012-5391)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Session fixation vulnerability in Special:UserLogin in MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the session_id. Per: http://cwe.mitre.org/data/definitions/384.html "CWE-384: Session Fixation"

2) Input validation error (CVE-ID: CVE-2012-5395)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Session fixation vulnerability in the CentralAuth extension for MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the centralauth_Session cookie. Per: http://cwe.mitre.org/data/definitions/384.html "CWE-384: Session Fixation"

Remediation

Install update from vendor's website.

References

• http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098975.html
• http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100843.html
• http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100845.html
• http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-November/000122.html
• https://bugzilla.wikimedia.org/show_bug.cgi?id=40995
• https://exchange.xforce.ibmcloud.com/vulnerabilities/83008
• https://bugzilla.wikimedia.org/show_bug.cgi?id=40962