Jonathan Wiltshire
2010-Jul-28 10:59 UTC
[Secure-testing-team] Bug#590669: mediawiki: XSS vulnerability in profileinfo.php
Package: mediawiki Version: 1:1.15.4-2 Severity: serious Tags: security upstream Justification: user security hole, when default changed by local admin -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - From http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-July/000092.html: A cross-site scripting (XSS) vulnerability was discovered in profileinfo.php. The vulnerability is only exposed when the script is explicitly enabled in LocalSettings.php, with $wgEnableProfileInfo = true. - -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, ''unstable'') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages mediawiki depends on: ii apache2 2.2.16-1 Apache HTTP Server metapackage ii apache2-mpm-prefork [httpd] 2.2.16-1 Apache HTTP Server - traditional n ii debconf [debconf-2.0] 1.5.33 Debian configuration management sy ii mime-support 3.48-1 MIME files ''mime.types'' & ''mailcap ii php5 5.3.2-2 server-side, HTML-embedded scripti ii php5-mysql 5.3.2-2 MySQL module for php5 ii php5-pgsql 5.3.2-2 PostgreSQL module for php5 Versions of packages mediawiki recommends: ii mysql-server 5.1.48-1 MySQL database server (metapackage ii mysql-server-5.1 [mysql-serve 5.1.48-1 MySQL database server binaries and ii php5-cli 5.3.2-2 command-line interpreter for the p Versions of packages mediawiki suggests: ii clamav 0.96.1+dfsg-3 anti-virus utility for Unix - comm ii imagemagick 7:6.6.2.6-1 image manipulation programs pn mediawiki-math <none> (no description available) pn memcached <none> (no description available) ii php5-gd 5.3.2-2 GD module for php5 - -- Configuration Files: /etc/mediawiki/apache.conf changed [not included] - -- debconf information excluded -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBAgAGBQJMUA2OAAoJEFOUR53TUkxR2bIP/1VZO1Vfj69Qt9bw0nJRa5OS 4SP6JbaFdm9GXyq1Se2IL+bMNztggFlUjx06DUSgkJWc47PHQEhhbJbMz6cGmWlv Tx89sh+6QUOk0vaPUdRC68bqrW35M5iKSnYN45XmsUmr2CFvi96vmhAJ5//P26di Z5aiwSbqJfrQEqQiMvz8FDu6pUnI3Im+uYESs5JnM7WZkwYSU4+Sq5SLKSdzNp71 8yHkUF01zYXiidGAIf/hRYocFM4aLlB9rumZHyibeSrM1znCUmpCuXHGLPurffp/ ha6sDEkjNJiW/lJLxTAwaf67Ug9QJ6T/2TZktszZkGmjoxY2VK/kQsNSuGLWixp+ DWQGhLh3sHG63RdlPevTL+Lk1QKklFlCH4ueN5zvIP70cW+x8m8DHWFnDFDcKPhB TQ0XFS8BCRXrEztYO2sIbuBEVoDfRKnfHb8TGq6ngLBVAS04X4iugfCxXfwuYt8G c2KI+M1WQq2HLZ+kBysUjhYk0VVgDSxSA9YM1rVoaGQakZ4nFMgtUz8s2YnNeFzR sGAcwUAN6pzXx6BGUnBp8VrVN5coy3YZUq8ALoh0hMmxhj2nn8kt/0+wnH3Oz3o8 PskYswVLzS5mvUFXCrgdrhrQlK+3Z4j06a/uHnfPkRYLCUgEQVBADJQGJFoSufaP 2KGvL+/tSafQ9A4pUNVl =yj3S -----END PGP SIGNATURE-----