Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 5 May 2011 15:38:27 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: coley <coley@...re.org>
Subject: Re: CVE request: mediawiki



----- Original Message -----
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> I would like to announce the release of MediaWiki 1.16.5. Two security
> issues were discovered.
> 
> The first issue is yet another recurrence of the Internet Explorer 6
> XSS vulnerability that caused the release of 1.16.4. It was pointed
> out that there are dangerous extensions with more than four
> characters, so the regular expressions we introduced had to be updated
> to match longer extensions.
> 
> For more details, see
> https://bugzilla.wikimedia.org/show_bug.cgi?id=28534

Use CVE-2011-1765

> 
> The second issue allows unauthenticated users to gain additional
> rights, on wikis where $wgBlockDisablesLogin is enabled. By default,
> it is disabled. The issue occurs when a malicious user sends cookies
> which contain the user name and user ID of a "victim" account. In
> certain circumstances, the rights of the victim are loaded and persist
> throughout the malicious request, allowing the malicious user to
> perform actions with the victim's rights.
> 
> $wgBlockDisablesLogin is a feature which is sometimes used on private
> wikis to prevent users who have an account from logging in and viewing
> content on the wiki.
> 
> For more details, see
> https://bugzilla.wikimedia.org/show_bug.cgi?id=28639
> 

Use CVE-2011-1766

Thanks.

-- 
    JB

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.