CVE-2005-0536
CVSS5.0
发布时间 :2005-05-02 00:00:00
修订时间 :2011-03-07 21:20:12
NMCOP    

[原文]Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to delete arbitrary files or determine file existence via a parameter related to image deletion.


[CNNVD]MediaWiki多个未明远程漏洞(CNNVD-200505-187)

        MediaWiki 1.3.11之前的1.3.x以及1.4 rc1之前的1.4 beta中存在目录遍历漏洞,允许远程攻击者通过与图像删除相关的参数来删除任意文件或决定文件存在与否。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:mediawiki:mediawiki:1.3.3MediaWiki 1.3.3
cpe:/a:mediawiki:mediawiki:1.4_beta5
cpe:/a:mediawiki:mediawiki:1.3.2MediaWiki 1.3.2
cpe:/a:mediawiki:mediawiki:1.4_beta6
cpe:/a:mediawiki:mediawiki:1.3.7MediaWiki 1.3.7
cpe:/a:mediawiki:mediawiki:1.3.0MediaWiki 1.3.0
cpe:/a:mediawiki:mediawiki:1.4_beta4
cpe:/a:mediawiki:mediawiki:1.3.10MediaWiki 1.3.10
cpe:/a:mediawiki:mediawiki:1.3.8MediaWiki 1.3.8
cpe:/a:mediawiki:mediawiki:1.3.6MediaWiki 1.3.6
cpe:/a:mediawiki:mediawiki:1.4_beta3
cpe:/a:mediawiki:mediawiki:1.3.1MediaWiki 1.3.1
cpe:/a:mediawiki:mediawiki:1.3.5MediaWiki 1.3.5
cpe:/a:mediawiki:mediawiki:1.4_beta2
cpe:/a:mediawiki:mediawiki:1.3.9MediaWiki 1.3.9
cpe:/a:mediawiki:mediawiki:1.3.4MediaWiki 1.3.4
cpe:/a:mediawiki:mediawiki:1.4_beta1

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0536
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0536
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200505-187
(官方数据源) CNNVD

- 其它链接及资源

http://sourceforge.net/project/shownotes.php?release_id=307067
(PATCH)  CONFIRM  http://sourceforge.net/project/shownotes.php?release_id=307067
http://securitytracker.com/id?1013260
(VENDOR_ADVISORY)  SECTRACK  1013260
http://secunia.com/advisories/14360
(VENDOR_ADVISORY)  SECUNIA  14360
http://www.gentoo.org/security/en/glsa/glsa-200502-33.xml
(VENDOR_ADVISORY)  GENTOO  GLSA-200502-33

- 漏洞信息

MediaWiki多个未明远程漏洞
中危 路径遍历
2005-05-02 00:00:00 2005-10-20 00:00:00
远程  
        MediaWiki 1.3.11之前的1.3.x以及1.4 rc1之前的1.4 beta中存在目录遍历漏洞,允许远程攻击者通过与图像删除相关的参数来删除任意文件或决定文件存在与否。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
        http://prdownloads.sourceforge.net/wikipedia/mediawiki-1.3.11.tar.gz?download

- 漏洞信息 (F36406)

Gentoo Linux Security Advisory 200502-33 (PacketStormID:F36406)
2005-03-03 00:00:00
Gentoo  security.gentoo.org
advisory,xss,csrf
linux,gentoo
CVE-2005-0534,CVE-2005-0535,CVE-2005-0536
[点击下载]

Gentoo Linux Security Advisory GLSA 200502-33 - A security audit of the MediaWiki project discovered that MediaWiki is vulnerable to several cross-site scripting and cross-site request forgery attacks, and that the image deletion code does not sufficiently sanitize input parameters. Versions less than 1.3.11 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200502-33
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Low
     Title: MediaWiki: Multiple vulnerabilities
      Date: February 28, 2005
      Bugs: #80729, #82954
        ID: 200502-33

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

MediaWiki is vulnerable to cross-site scripting, data manipulation and
security bypass attacks.

Background
==========

MediaWiki is a collaborative editing software, used by big projects
like Wikipedia.

Affected packages
=================

    -------------------------------------------------------------------
     Package             /  Vulnerable  /                   Unaffected
    -------------------------------------------------------------------
  1  www-apps/mediawiki      < 1.3.11                        >= 1.3.11

Description
===========

A security audit of the MediaWiki project discovered that MediaWiki is
vulnerable to several cross-site scripting and cross-site request
forgery attacks, and that the image deletion code does not sufficiently
sanitize input parameters.

Impact
======

By tricking a user to load a carefully crafted URL, a remote attacker
could hijack sessions and authentication cookies to inject malicious
script code that will be executed in a user's browser session in
context of the vulnerable site, or use JavaScript submitted forms to
perform restricted actions. Using the image deletion flaw, it is also
possible for authenticated administrators to delete arbitrary files via
directory traversal.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All MediaWiki users should upgrade to the latest available version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/mediawiki-1.3.11"

References
==========

  [ 1 ] Secunia Advisory SA14125
        http://secunia.com/advisories/14125/
  [ 2 ] CAN-2005-0534
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0534
  [ 3 ] CAN-2005-0535
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0535
  [ 4 ] CAN-2005-0536
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0536

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200502-33.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2005 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

    

- 漏洞信息

14050
MediaWiki Image Deletion Arbitrary File Verification / Deletion

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-02-20 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 1.3.11 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete
 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站