FreeBSD : mediawiki -- multiple vulnerabilities (7c0fecd6-f42f-11e1-b17b-000c2977ec30)

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

MediaWiki reports :

(Bug 39700) Wikipedia administrator Writ Keeper discovered a stored
XSS (HTML injection) vulnerability. This was possible due to the
handling of link text on File: links for nonexistent files. MediaWiki
1.16 and later is affected.

(Bug 39180) User Fomafix reported several DOM-based XSS
vulnerabilities, made possible by a combination of loose filtering of
the uselang parameter, and JavaScript gadgets on various language
Wikipedias.

(Bug 39180) During internal review, it was discovered that CSRF
tokens, available via the API, were not protected with X-Frame-Options
headers. This could lead to a CSRF vulnerability if the API response
is embedded in an external website using an iframe.

(Bug 39824) During internal review, it was discovered that extensions
were not always allowed to prevent the account creation action. This
allowed users blocked by the GlobalBlocking extension to create
accounts.

(Bug 39184) During internal review, it was discovered that password
data was always saved to the local MediaWiki database even if
authentication was handled by an extension, such as LDAP. This could
allow a compromised MediaWiki installation to leak information about
users' LDAP passwords. Additionally, when an authentication plugin
returned false in its strict function, old passwords could be used
indefinitely for accounts that no longer existed in the external
system.

(Bug 39823) During internal review, it was discovered that metadata
about blocks, hidden by a user with suppression rights, was visible to
administrators.

See also :

https://bugzilla.wikimedia.org/show_bug.cgi?id=39700
https://bugzilla.wikimedia.org/show_bug.cgi?id=37587
https://bugzilla.wikimedia.org/show_bug.cgi?id=39180
https://bugzilla.wikimedia.org/show_bug.cgi?id=39824
https://bugzilla.wikimedia.org/show_bug.cgi?id=39184
https://bugzilla.wikimedia.org/show_bug.cgi?id=39823
http://www.nessus.org/u?a446847a

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 61765

CVE ID: CVE-2012-4377, CVE-2012-4378, CVE-2012-4379, CVE-2012-4380,
CVE-2012-4381, CVE-2012-4382
