MediaWiki Multiple Information Disclosure Vulnerabilities
BID:50844
Info
MediaWiki Multiple Information Disclosure Vulnerabilities
| Bugtraq ID: | 50844 |
| Class: | Design Error |
| CVE: |
CVE-2011-4360 CVE-2011-4361 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 29 2011 12:00AM |
| Updated: | Dec 19 2011 08:59PM |
| Credit: | Alexandre Emsenhuber and Tim Starling |
| Vulnerable: |
MediaWiki Mediawiki 1.17 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 |
| Not Vulnerable: |
MediaWiki Mediawiki 1.17.1 |
Discussion
MediaWiki Multiple Information Disclosure Vulnerabilities
MediaWiki is prone to multiple information-disclosure vulnerabilities.
An attacker can exploit these vulnerabilities to gain access to sensitive information, that may aid in further attacks.
MediaWiki 1.17.0 is vulnerable; prior versions may also be affected.
MediaWiki is prone to multiple information-disclosure vulnerabilities.
An attacker can exploit these vulnerabilities to gain access to sensitive information, that may aid in further attacks.
MediaWiki 1.17.0 is vulnerable; prior versions may also be affected.
Exploit / POC
MediaWiki Multiple Information Disclosure Vulnerabilities
An attacker can exploit these issues through a browser.
An attacker can exploit these issues through a browser.
Solution / Fix
MediaWiki Multiple Information Disclosure Vulnerabilities
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
MediaWiki Multiple Information Disclosure Vulnerabilities
References:
References:
- [MediaWiki-announce] MediaWiki security release 1.17.1 (MediaWIki)
- MediaWiki Homepage (MediaWiki)