FreeBSD : mediawiki -- multiple vulnerabilities (b973a763-7936-11e5-a2a1-002590263bf5)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

MediaWiki reports :

Wikipedia user RobinHood70 reported two issues in the chunked upload
API. The API failed to correctly stop adding new chunks to the upload
when the reported size was exceeded (T91203), allowing a malicious
users to upload add an infinite number of chunks for a single file
upload. Additionally, a malicious user could upload chunks of 1 byte
for very large files, potentially creating a very large number of
files on the server's filesystem (T91205).

Internal review discovered that it is not possible to throttle file
uploads.

Internal review discovered a missing authorization check when removing
suppression from a revision. This allowed users with the
'viewsuppressed' user right but not the appropriate 'suppressrevision'
user right to unsuppress revisions.

Richard Stanway from teamliquid.net reported that thumbnails of PNG
files generated with ImageMagick contained the local file path in the
image metadata.

See also :

http://www.nessus.org/u?da85c1ce
https://phabricator.wikimedia.org/T91203
https://phabricator.wikimedia.org/T91205
https://phabricator.wikimedia.org/T91850
https://phabricator.wikimedia.org/T95589
https://phabricator.wikimedia.org/T108616
http://www.openwall.com/lists/oss-security/2015/10/29/14
http://www.nessus.org/u?1ca1d2e5

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 86554 ()

Bugtraq ID:

CVE ID: CVE-2015-8001
CVE-2015-8002
CVE-2015-8003
CVE-2015-8004
CVE-2015-8005
CVE-2015-8006
CVE-2015-8007
CVE-2015-8008
CVE-2015-8009

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now