Summary: | <www-apps/mediawiki-1.18.1 Information leaks (CVE-2011-{4360,4361}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sean Amoss (RETIRED) <ackle> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | trapni, web-apps |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-November/000104.html | ||
Whiteboard: | B4 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 398687 | ||
Bug Blocks: |
Description
Sean Amoss (RETIRED)
2011-11-29 10:52:44 UTC
CVE-2011-4361 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4361): MediaWiki before 1.17.1 does not check for read permission before handling action=ajax requests, which allows remote attackers to obtain sensitive information by (1) leveraging the SpecialUpload::ajaxGetExistsWarning function, or by (2) leveraging an extension, as demonstrated by the CategoryTree, ExtTab, and InlineEditor extensions. CVE-2011-4360 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4360): MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages via a series of requests involving the (1) curid or (2) oldid parameter. Thanks, everyone. GLSA vote: no. GLSA Vote: no, too, closing noglsa. |