Mandriva Linux Security Advisory 2014-119 - XSS vulnerability in MediaWiki before 1.22.7, due to usernames on Special:PasswordReset being parsed as wikitext. The username on Special:PasswordReset can be supplied by anyone and will be parsed with wgRawHtml enabled. Since Special:PasswordReset is whitelisted by default on private wikis, this could potentially lead to an XSS crossing a privilege boundary.
a1992ff84b104e35deccf903a719347089e5ad68eb7da559aca1b6174e9da33c-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2014:119
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : mediawiki
Date : June 10, 2014
Affected: Business Server 1.0
_______________________________________________________________________
Problem Description:
Updated mediawiki packages fix security vulnerability:
XSS vulnerability in MediaWiki before 1.22.7, due to usernames on
Special:PasswordReset being parsed as wikitext. The username on
Special:PasswordReset can be supplied by anyone and will be parsed
with wgRawHtml enabled. Since Special:PasswordReset is whitelisted
by default on private wikis, this could potentially lead to an XSS
crossing a privilege boundary (CVE-2014-3966).
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3966
http://advisories.mageia.org/MGASA-2014-0253.html
_______________________________________________________________________
Updated Packages:
Mandriva Business Server 1/X86_64:
ff6c87c0ca4184be601a11c11487b5a6 mbs1/x86_64/mediawiki-1.22.7-1.mbs1.noarch.rpm
64e807f5fa514e1149b4bdf51433efb6 mbs1/x86_64/mediawiki-mysql-1.22.7-1.mbs1.noarch.rpm
891e200fedb9c4eba765c824b2320346 mbs1/x86_64/mediawiki-pgsql-1.22.7-1.mbs1.noarch.rpm
d80771e17bd538455da34534b3da2e28 mbs1/x86_64/mediawiki-sqlite-1.22.7-1.mbs1.noarch.rpm
92c5c9e169e42307b700f97de6f23309 mbs1/SRPMS/mediawiki-1.22.7-1.mbs1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFTlwx/mqjQ0CJFipgRAoWfAKDzOErE37mmvJoT3SyXJXuHBBGpOwCg8BRx
cWYvlL1QW2ri4ugTZt2imCU=
=fW5t
-----END PGP SIGNATURE-----
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed