FreeBSD : mediawiki -- multiple vulnerabilities (b973a763-7936-11e5-a2a1-002590263bf5)

critical Nessus Plugin ID 86554

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

MediaWiki reports :

Wikipedia user RobinHood70 reported two issues in the chunked upload API. The API failed to correctly stop adding new chunks to the upload when the reported size was exceeded (T91203), allowing a malicious users to upload add an infinite number of chunks for a single file upload. Additionally, a malicious user could upload chunks of 1 byte for very large files, potentially creating a very large number of files on the server's filesystem (T91205).

Internal review discovered that it is not possible to throttle file uploads.

Internal review discovered a missing authorization check when removing suppression from a revision. This allowed users with the 'viewsuppressed' user right but not the appropriate 'suppressrevision' user right to unsuppress revisions.

Richard Stanway from teamliquid.net reported that thumbnails of PNG files generated with ImageMagick contained the local file path in the image metadata.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?da85c1ce

https://phabricator.wikimedia.org/T91203

https://phabricator.wikimedia.org/T91205

https://phabricator.wikimedia.org/T91850

https://phabricator.wikimedia.org/T95589

https://phabricator.wikimedia.org/T108616

https://www.openwall.com/lists/oss-security/2015/10/29/14

http://www.nessus.org/u?a7ceb1cd

Plugin Details

Severity: Critical

ID: 86554

File Name: freebsd_pkg_b973a763793611e5a2a1002590263bf5.nasl

Version: 2.7

Type: local

Published: 10/23/2015

Updated: 1/6/2021

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:mediawiki123, p-cpe:/a:freebsd:freebsd:mediawiki124, p-cpe:/a:freebsd:freebsd:mediawiki125, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 10/23/2015

Vulnerability Publication Date: 10/16/2015

Reference Information

CVE: CVE-2015-8001, CVE-2015-8002, CVE-2015-8003, CVE-2015-8004, CVE-2015-8005, CVE-2015-8006, CVE-2015-8007, CVE-2015-8008, CVE-2015-8009