Test ID:	1.3.6.1.4.1.25623.1.0.900422
Category:	Web application abuses
Title:	MediaWiki 1.8.1 - 1.13.3 Information Disclosure Vulnerabilities
Summary:	MediaWiki is prone to multiple information disclosure; vulnerabilities.
Description:	Summary: MediaWiki is prone to multiple information disclosure vulnerabilities. Vulnerability Insight: The flaws are due to: - wgShowExceptionDetails variable sometimes shows the installation path of MediaWiki which can lead to expose sensitive information about the remote system. - fails to protect against the download of backups of deleted images in images/deleted/. Vulnerability Impact: Successful exploitation will lead to gain knowledge on sensitive directories on the remote web server via requests. Affected Software/OS: MediaWiki versions 1.8.1 through 1.13.3. Solution: Update to version 1.15.4 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5687 https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01256.html https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01309.html http://lists.wikimedia.org/pipermail/mediawiki-announce/2008-December/000080.html http://secunia.com/advisories/33349 XForce ISS Database: mediawiki-images-info-disclosure(47678) https://exchange.xforce.ibmcloud.com/vulnerabilities/47678 Common Vulnerability Exposure (CVE) ID: CVE-2008-5688 http://www.mediawiki.org/wiki/Manual:$wgShowExceptionDetails
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.