#VU45105 Input validation error in MediaWiki - CVE-2011-1580

Cybersecurity Help s.r.o.

Published: 2011-04-27 | Updated: 2020-08-11

Vulnerability identifier: #VU45105

Vulnerability risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2011-1580

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
MediaWiki
Web applications / CMS

Vendor: MediaWiki.org

Description

The vulnerability allows a remote #AU# to manipulate data.

The transwiki import functionality in MediaWiki before 1.16.3 does not properly check privileges, which allows remote authenticated users to perform imports from any wgImportSources wiki via a crafted POST request.

Mitigation
Install update from vendor's website.

Vulnerable software versions

MediaWiki: 1.1.0 - 1.16.1, 1.2.0 - 1.2.6, 1.3 - 1.3.15, 1.4 - 1.4.14, 1.5 - 1.5.8, 1.6.0 - 1.6.12, 1.7.0 - 1.7.3, 1.8.0 - 1.8.5, 1.9.0 - 1.9.6

External links
https://lists.fedoraproject.org/pipermail/package-announce/2011-April/058588.html
https://lists.fedoraproject.org/pipermail/package-announce/2011-April/058910.html
https://lists.fedoraproject.org/pipermail/package-announce/2011-April/059232.html
https://lists.fedoraproject.org/pipermail/package-announce/2011-April/059235.html
https://lists.wikimedia.org/pipermail/mediawiki-announce/2011-April/000096.html
https://openwall.com/lists/oss-security/2011/04/13/15
https://secunia.com/advisories/44142
https://www.debian.org/security/2011/dsa-2366
https://www.securityfocus.com/bid/47354
https://www.vupen.com/english/advisories/2011/0978
https://www.vupen.com/english/advisories/2011/1100
https://www.vupen.com/english/advisories/2011/1151
https://bugzilla.redhat.com/show_bug.cgi?id=695577
https://bugzilla.redhat.com/show_bug.cgi?id=696360
https://bugzilla.wikimedia.org/show_bug.cgi?id=28449
https://exchange.xforce.ibmcloud.com/vulnerabilities/66739

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in MediaWiki