 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.63055 |
| Category: | Fedora Local Security Checks |
| Title: | Fedora Core 9 FEDORA-2008-11802 (mediawiki) |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing an update to mediawiki announced via advisory FEDORA-2008-11802. Update Information: This is a security release of MediaWiki 1.13.3. Some of the security issues affect *all* versions of MediaWiki except the versions released on Dec. 15th, so all site administrators are encouraged to upgrade. For details, please visit the referenced security advisories. ChangeLog: * Tue Dec 23 2008 Axel Thimm - 1.13.3-42 - Update to 1.13.3, closes RH bug #476621 (CVE-2008-5249, CVE-2008-5250, CVE-2008-5252 and CVE-2008-5687, CVE-2008-5688) * Sun Oct 5 2008 Axel Thimm - 1.13.2-41 - Update to 1.13.2. References: [ 1 ] Bug #476621 - mediawiki: multiple XSS and CSRF issues (CVE-2008-5249, CVE-2008-5250, CVE-2008-5252, CVE-2008-5687, CVE-2008-5688) https://bugzilla.redhat.com/show_bug.cgi?id=476621 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update mediawiki' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2008-11802 Risk factor : High CVSS Score: 5.8 |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2008-5249 BugTraq ID: 32844 http://www.securityfocus.com/bid/32844 Debian Security Information: DSA-1901 (Google Search) http://www.debian.org/security/2009/dsa-1901 https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01256.html https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01309.html http://lists.wikimedia.org/pipermail/mediawiki-announce/2008-December/000080.html http://secunia.com/advisories/33133 http://secunia.com/advisories/33349 Common Vulnerability Exposure (CVE) ID: CVE-2008-5250 SuSE Security Announcement: SUSE-SR:2009:004 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html Common Vulnerability Exposure (CVE) ID: CVE-2008-5252 Common Vulnerability Exposure (CVE) ID: CVE-2008-5687 XForce ISS Database: mediawiki-images-info-disclosure(47678) https://exchange.xforce.ibmcloud.com/vulnerabilities/47678 Common Vulnerability Exposure (CVE) ID: CVE-2008-5688 http://www.mediawiki.org/wiki/Manual:$wgShowExceptionDetails |
| Copyright | Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |