Fedora 13 : mediawiki-1.16.4-58.fc13 (2011-5807)

This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

This update brings mediawiki to version 1.16.4, which is the latest
stable release at the moment, but currently also the only supported
and recommended release by the mediawiki developer community.

Further changes :

- some simple wiki management functionality was added :

- mw-createinstance <path> creates a wiki instance under
<path>, which is autoupgraded upon package updates.

- any wiki path entered in /etc/mediawiki/instances will
be autoupgraded upon package updates.

- /var/www/wiki is entered into this list automatically,
but you can remove it if you don't want this instance to
be autoupgraded.

- opensearch and suggestions are enabled by default

- several bug fixes (see changelog).

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=614065
https://bugzilla.redhat.com/show_bug.cgi?id=620226
https://bugzilla.redhat.com/show_bug.cgi?id=644325
https://bugzilla.redhat.com/show_bug.cgi?id=662402
https://bugzilla.redhat.com/show_bug.cgi?id=667201
https://bugzilla.redhat.com/show_bug.cgi?id=674456
https://bugzilla.redhat.com/show_bug.cgi?id=682281
https://bugzilla.redhat.com/show_bug.cgi?id=696361
https://bugzilla.redhat.com/show_bug.cgi?id=697434
http://www.nessus.org/u?783f327d

Solution :

Update the affected mediawiki package.

Risk factor :

Medium / CVSS Base Score : 5.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVSS Temporal Score : 4.8
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Fedora Local Security Checks

Nessus Plugin ID: 53608 ()

Bugtraq ID: 42019
42024
46108
47354

CVE ID: CVE-2010-2787
CVE-2010-2788
CVE-2011-0003
CVE-2011-0047
CVE-2011-1578
CVE-2011-1579
CVE-2011-1580

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now