 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.59801 |
| Category: | Fedora Local Security Checks |
| Title: | Fedora Core 7 FEDORA-2007-2189 (mediawiki) |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing an update to mediawiki announced via advisory FEDORA-2007-2189. MediaWiki is the software used for Wikipedia and the other Wikimedia Foundation websites. Compared to other wikis, it has an excellent range of features and support for high-traffic websites using multiple servers This package supports wiki farms. Copy /var/www/wiki over to the desired wiki location and configure it through the web interface. Remember to remove the config dir after completing the configuration. Update Information: Update to 1.9.4 to fix cross site scripting vulnerability in API pretty-printing mode. More info: http://secunia.com/advisories/26772/ ChangeLog: * Wed Sep 12 2007 Ville Skyttä - 1.9.4-35 - Update to 1.9.4 (security http://secunia.com/advisories/26772/, #287881) * Mon Aug 6 2007 Axel Thimm - 1.9.3-34.0.1 - Bump release to please koji/CVS. * Thu Feb 22 2007 Axel Thimm - 1.9.3-34 - Update to 1.9.3. References: [ 1 ] Bug #287881 - CVE-2007-4828 mediawiki cross-site scripting vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=287881 [ 2 ] CVE-2007-4828 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4828 Updated packages: c1813c9ceac403e56f6f7c1a7107627d1119edab mediawiki-debuginfo-1.9.4-35.fc7.i386.rpm 36f09da786ba48f2bae631f12eebd92c57af9798 mediawiki-1.9.4-35.fc7.i386.rpm 6b52f49d8b92e97a897e59d4be023ddf219e1f95 mediawiki-debuginfo-1.9.4-35.fc7.x86_64.rpm 7fa49ebec6e029247a5a0594ca5214afee358254 mediawiki-1.9.4-35.fc7.x86_64.rpm b5e590251fa3d0fae390b4291cd05ef6ba0228b7 mediawiki-debuginfo-1.9.4-35.fc7.ppc.rpm a2af54bdb142509aa6718f8c402c0512e2f3a801 mediawiki-1.9.4-35.fc7.ppc.rpm c542527bdc2a573182423e3dbce4fd8d7163faec mediawiki-1.9.4-35.fc7.src.rpm This update can be installed with the yum update program. Use su -c 'yum update mediawiki' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. Solution: Apply the appropriate updates. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-2189 Risk factor : Medium CVSS Score: 4.3 |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2007-4828 BugTraq ID: 25632 http://www.securityfocus.com/bid/25632 http://fedoranews.org/updates/FEDORA-2007-218.shtml https://bugzilla.redhat.com/show_bug.cgi?id=287881 http://lists.wikimedia.org/pipermail/mediawiki-announce/2007-September/000067.html http://secunia.com/advisories/26772 http://secunia.com/advisories/26870 http://www.vupen.com/english/advisories/2007/3130 XForce ISS Database: mediawiki-prettyprinting-xss(36558) https://exchange.xforce.ibmcloud.com/vulnerabilities/36558 |
| Copyright | Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |