ID de Prueba:	1.3.6.1.4.1.25623.1.0.71576
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201206-09 (MediaWiki)
Resumen:	The remote host is missing updates announced in;advisory GLSA 201206-09.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 201206-09. Vulnerability Insight: Multiple vulnerabilities have been found in MediaWiki, the worst of which leading to remote execution of arbitrary code. Solution: All MediaWiki users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-apps/mediawiki-1.18.2' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2787 42019 http://www.securityfocus.com/bid/42019 FEDORA-2011-5495 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058588.html FEDORA-2011-5807 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/059235.html FEDORA-2011-5812 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/059232.html FEDORA-2011-5848 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058910.html [mediawiki-announce] 20100728 MediaWiki security release: 1.16.0 and 1.15.5 http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-July/000092.html [oss-security] 20100729 Re: CVE request: mediawiki http://openwall.com/lists/oss-security/2010/07/29/4 http://svn.wikimedia.org/viewvc/mediawiki?view=revision&revision=69776 https://bugzilla.redhat.com/show_bug.cgi?id=620224 https://bugzilla.redhat.com/show_bug.cgi?id=620226 https://bugzilla.wikimedia.org/show_bug.cgi?id=24565 Common Vulnerability Exposure (CVE) ID: CVE-2010-2788 42024 http://www.securityfocus.com/bid/42024 http://svn.wikimedia.org/viewvc/mediawiki?view=revision&revision=69952 http://svn.wikimedia.org/viewvc/mediawiki?view=revision&revision=69984 https://bugzilla.redhat.com/show_bug.cgi?id=620225 Common Vulnerability Exposure (CVE) ID: CVE-2010-2789 Common Vulnerability Exposure (CVE) ID: CVE-2011-0003 42810 http://secunia.com/advisories/42810 70272 http://www.osvdb.org/70272 ADV-2011-0017 http://www.vupen.com/english/advisories/2011/0017 [MediaWiki-announce] 20110104 MediaWiki security release 1.16.1 http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-January/000093.html [oss-security] 20110104 (possible) CVE request: Clickjacking in Mediawiki http://www.openwall.com/lists/oss-security/2011/01/04/6 [oss-security] 20110104 Re: (possible) CVE request: Clickjacking in Mediawiki http://www.openwall.com/lists/oss-security/2011/01/04/12 https://bugzilla.wikimedia.org/show_bug.cgi?id=26561 mediawiki-frames-clickjacking(64476) https://exchange.xforce.ibmcloud.com/vulnerabilities/64476 Common Vulnerability Exposure (CVE) ID: CVE-2011-0047 BugTraq ID: 46108 http://www.securityfocus.com/bid/46108 http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-February/000095.html http://osvdb.org/70770 http://secunia.com/advisories/43142 http://www.vupen.com/english/advisories/2011/0273 XForce ISS Database: mediawiki-css-comments-xss(65126) https://exchange.xforce.ibmcloud.com/vulnerabilities/65126 Common Vulnerability Exposure (CVE) ID: CVE-2011-0537 70798 http://osvdb.org/70798 70799 http://osvdb.org/70799 ADV-2011-0273 [MediaWiki-announce] 20110201 MediaWiki security release 1.16.2 [oss-security] 20110201 CVE request: Server-side arbitrary script inclusion vulnerability in MediaWiki <=1.16.1 http://www.openwall.com/lists/oss-security/2011/02/01/4 [oss-security] 20110203 Re: CVE request: Server-side arbitrary script inclusion vulnerability in MediaWiki <=1.16.1 http://www.openwall.com/lists/oss-security/2011/02/03/3 http://download.wikimedia.org/mediawiki/1.16/mediawiki-1.16.2.patch.gz https://bugzilla.wikimedia.org/show_bug.cgi?id=27094 Common Vulnerability Exposure (CVE) ID: CVE-2011-1579 44142 http://secunia.com/advisories/44142 47354 http://www.securityfocus.com/bid/47354 ADV-2011-0978 http://www.vupen.com/english/advisories/2011/0978 ADV-2011-1100 http://www.vupen.com/english/advisories/2011/1100 ADV-2011-1151 http://www.vupen.com/english/advisories/2011/1151 DSA-2366 http://www.debian.org/security/2011/dsa-2366 [mediawiki-announce] 20110412 MediaWiki security release 1.16.3 http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-April/000096.html [oss-security] 20110413 Re: CVE request: mediawiki 1.16.3 http://openwall.com/lists/oss-security/2011/04/13/15 http://www.mediawiki.org/wiki/Special:Code/MediaWiki/85856 https://bugzilla.redhat.com/show_bug.cgi?id=695577 https://bugzilla.redhat.com/show_bug.cgi?id=696360 https://bugzilla.wikimedia.org/show_bug.cgi?id=28450 mediawiki-css-data-xss(66738) https://exchange.xforce.ibmcloud.com/vulnerabilities/66738 Common Vulnerability Exposure (CVE) ID: CVE-2011-1580 https://bugzilla.wikimedia.org/show_bug.cgi?id=28449 mediawiki-transwiki-sec-bypass(66739) https://exchange.xforce.ibmcloud.com/vulnerabilities/66739 Common Vulnerability Exposure (CVE) ID: CVE-2011-1766 44684 http://secunia.com/advisories/44684 47722 http://www.securityfocus.com/bid/47722 FEDORA-2011-6774 http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060496.html FEDORA-2011-6775 http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060507.html FEDORA-2011-6781 http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060435.html [mediawiki-announce] 20110505 MediaWiki security release 1.16.5 http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-May/000098.html https://bugzilla.redhat.com/show_bug.cgi?id=702512 https://bugzilla.wikimedia.org/show_bug.cgi?id=28639 Common Vulnerability Exposure (CVE) ID: CVE-2012-1578 48504 http://secunia.com/advisories/48504 52689 http://www.securityfocus.com/bid/52689 80361 http://osvdb.org/80361 [MediaWiki-announce] 20120322 MediaWiki security and maintenance release 1.17.3 http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000109.html [MediaWiki-announce] 20120322 MediaWiki security and maintenance release 1.18.2 http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000110.html [oss-security] 20120322 MediaWiki security and maintenance release 1.18.2 http://www.openwall.com/lists/oss-security/2012/03/22/9 [oss-security] 20120323 CVEs for MediaWiki security and maintenance release 1.18.2 http://www.openwall.com/lists/oss-security/2012/03/24/1 https://bugzilla.wikimedia.org/show_bug.cgi?id=34212 mediawiki-multiple-csrf(78911) https://exchange.xforce.ibmcloud.com/vulnerabilities/78911 Common Vulnerability Exposure (CVE) ID: CVE-2012-1579 https://bugzilla.wikimedia.org/show_bug.cgi?id=34907 Common Vulnerability Exposure (CVE) ID: CVE-2012-1580 80364 http://osvdb.org/80364 https://bugzilla.wikimedia.org/show_bug.cgi?id=35317 mediawiki-specialupload-csrf(74286) https://exchange.xforce.ibmcloud.com/vulnerabilities/74286 Common Vulnerability Exposure (CVE) ID: CVE-2012-1581 https://bugzilla.wikimedia.org/show_bug.cgi?id=35078 mediawiki-random-numbers-sec-bypass(78910) https://exchange.xforce.ibmcloud.com/vulnerabilities/78910 Common Vulnerability Exposure (CVE) ID: CVE-2012-1582 BugTraq ID: 52689 http://osvdb.org/80363 XForce ISS Database: mediawiki-wikitext-xss(74288) https://exchange.xforce.ibmcloud.com/vulnerabilities/74288
Copyright	Copyright (C) 2012 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.