Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Thu, 5 May 2011 15:38:27 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: coley <coley@...re.org>
Subject: Re: CVE request: mediawiki



----- Original Message -----
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> I would like to announce the release of MediaWiki 1.16.5. Two security
> issues were discovered.
> 
> The first issue is yet another recurrence of the Internet Explorer 6
> XSS vulnerability that caused the release of 1.16.4. It was pointed
> out that there are dangerous extensions with more than four
> characters, so the regular expressions we introduced had to be updated
> to match longer extensions.
> 
> For more details, see
> https://bugzilla.wikimedia.org/show_bug.cgi?id=28534

Use CVE-2011-1765

> 
> The second issue allows unauthenticated users to gain additional
> rights, on wikis where $wgBlockDisablesLogin is enabled. By default,
> it is disabled. The issue occurs when a malicious user sends cookies
> which contain the user name and user ID of a "victim" account. In
> certain circumstances, the rights of the victim are loaded and persist
> throughout the malicious request, allowing the malicious user to
> perform actions with the victim's rights.
> 
> $wgBlockDisablesLogin is a feature which is sometimes used on private
> wikis to prevent users who have an account from logging in and viewing
> content on the wiki.
> 
> For more details, see
> https://bugzilla.wikimedia.org/show_bug.cgi?id=28639
> 

Use CVE-2011-1766

Thanks.

-- 
    JB

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ