SB2017111522 - Arch Linux update for mediawiki
Published: November 15, 2017 Updated: November 15, 2017
Description
This security bulletin contains information about 8 security vulnerabilities.
1) Information disclosure (CVE-ID: CVE-2017-0361)
The vulnerability allows a local authenticated user to execute arbitrary code.
MediaWiki before 1.28.1 / 1.27.2 / 1.23.16 contains an information disclosure flaw, where the api.log might contain passwords in plaintext.
2) Cross-site scripting (CVE-ID: CVE-2017-8808)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has XSS when the $wgShowExceptionDetails setting is false and the browser sends non-standard URL escaping.
3) Improper Neutralization of Special Elements in Output Used by a Downstream Component (CVE-ID: CVE-2017-8809)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
api.php in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has a Reflected File Download vulnerability.
4) Information disclosure (CVE-ID: CVE-2017-8810)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2, when a private wiki is configured, provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attacks via a series of requests.
5) Input validation error (CVE-ID: CVE-2017-8811)
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The implementation of raw message parameter expansion in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows HTML mangling attacks.
6) Input validation error (CVE-ID: CVE-2017-8812)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows remote attackers to inject > (greater than) characters via the id attribute of a headline.
7) Input validation error (CVE-ID: CVE-2017-8814)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attackers to replace text inside tags via a rule definition followed by "a lot of junk."
8) Input validation error (CVE-ID: CVE-2017-8815)
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attribute injection attacks via glossary rules.
Remediation
Install the update from the vendor's website.