FreeBSD : mediawiki -- multiple vulnerabilities (3c5a4fe0-9ebb-11e9-9169-fcaa147e860e)

critical Nessus Plugin ID 126485

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

MediaWiki reports :

Security fixes : T197279, CVE-2019-12468: Directly POSTing to Special:ChangeEmail would allow for bypassing reauthentication, allowing for potential account takeover. T204729, CVE-2019-12473:
Passing invalid titles to the API could cause a DoS by querying the entire `watchlist` table. T207603, CVE-2019-12471: Loading user JavaScript from a non-existent account allows anyone to create the account, and XSS the users' loading that script. T208881: blacklist CSS var(). T199540, CVE-2019-12472: It is possible to bypass the limits on IP range blocks (`$wgBlockCIDRLimit`) by using the API.
T212118, CVE-2019-12474: Privileged API responses that include whether a recent change has been patrolled may be cached publicly. T209794, CVE-2019-12467: A spammer can use Special:ChangeEmail to send out spam with no rate limiting or ability to block them. T25227, CVE-2019-12466: An account can be logged out without using a token(CRRF) T222036, CVE-2019-12469: Exposed suppressed username or log in Special:EditTags. T222038, CVE-2019-12470: Exposed suppressed log in RevisionDelete page. T221739, CVE-2019-11358: Fix potential XSS in jQuery.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?fa98ca56

http://www.nessus.org/u?af2c931c

Plugin Details

Severity: Critical

ID: 126485

File Name: freebsd_pkg_3c5a4fe09ebb11e99169fcaa147e860e.nasl

Version: 1.4

Type: local

Published: 7/5/2019

Updated: 1/8/2020

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:mediawiki131, p-cpe:/a:freebsd:freebsd:mediawiki132, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 7/5/2019

Vulnerability Publication Date: 4/23/2019

Reference Information

CVE: CVE-2019-11358, CVE-2019-12466, CVE-2019-12467, CVE-2019-12468, CVE-2019-12469, CVE-2019-12470, CVE-2019-12471, CVE-2019-12472, CVE-2019-12473, CVE-2019-12474