#VU45107 Information disclosure in MediaWiki - CVE-2010-2787
Vulnerability identifier: #VU45107
Vulnerability risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID:
CWE-ID:
CWE-200
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
MediaWiki
Web applications /
CMS
Vendor: MediaWiki.org
Description
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
api.php in MediaWiki before 1.15.5 does not prevent use of public caching headers for private data, which allows remote attackers to bypass intended access restrictions and obtain sensitive information by retrieving documents from an HTTP proxy cache that has been used by a victim.
Mitigation
Install update from vendor's website.
Vulnerable software versions
MediaWiki: 1.1.0 - 1.15.3, 1.2.0 - 1.2.6, 1.3 - 1.3.15, 1.4 - 1.4.14, 1.5 - 1.5.8
External links
https://lists.fedoraproject.org/pipermail/package-announce/2011-April/058588.html
https://lists.fedoraproject.org/pipermail/package-announce/2011-April/058910.html
https://lists.fedoraproject.org/pipermail/package-announce/2011-April/059232.html
https://lists.fedoraproject.org/pipermail/package-announce/2011-April/059235.html
https://lists.wikimedia.org/pipermail/mediawiki-announce/2010-July/000092.html
https://openwall.com/lists/oss-security/2010/07/29/4
https://svn.wikimedia.org/viewvc/mediawiki?view=revision&revision=69776
https://www.securityfocus.com/bid/42019
https://bugzilla.redhat.com/show_bug.cgi?id=620224
https://bugzilla.redhat.com/show_bug.cgi?id=620226
https://bugzilla.wikimedia.org/show_bug.cgi?id=24565
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
