Bug 580418 - (CVE-2010-1150) CVE-2010-1150 MediaWiki v.1.15.3: Login CSRF
CVE-2010-1150 MediaWiki v.1.15.3: Login CSRF
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On:
  Show dependency treegraph
Reported: 2010-04-08 04:45 EDT by Jan Lieskovsky
Modified: 2016-03-04 07:43 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2014-06-09 16:01:16 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jan Lieskovsky 2010-04-08 04:45:21 EDT
MediaWiki upstream has released:
  [1] http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-April/000090.html

latest, v.1.15.3 version, addressing one cross-site request forgery
(CSRF) issue (from [1]):

"MediaWiki was found to be vulnerable to login CSRF. An attacker who
controls a user account on the target wiki can force the victim to log
in as the attacker, via a script on an external website. If the wiki is
configured to allow user scripts, say with "$wgAllowUserJs = true" in
LocalSettings.php, then the attacker can proceed to mount a
phishing-style attack against the victim to obtain their password."

Upstream bug report:
  [2] https://bugzilla.wikimedia.org/show_bug.cgi?id=23076

CVE Request (and reply):
  [3] http://www.openwall.com/lists/oss-security/2010/04/07/1
  [4] http://www.openwall.com/lists/oss-security/2010/04/08/4
Comment 1 Jan Lieskovsky 2010-04-08 04:57:08 EDT
This issue has been already addressed in current versions
of mediawiki package, as shipped with Fedora release of 11
and 12. Particular builds (mediawiki-1.15.3-53.fc11 and
mediawiki-1.15.3-53.fc12) are already present in relevant
-candidate repositories for each of the above listed releases,
and once the Fedora stabilization process completes, they 
will be pushed into -stable.

Though, the EPEL-5 repository still contains mediawiki-1.14.0-45.el5,
as the latest version. 

Stephen, would it be possible to rebase the EPEL-5 version
to latest upstream v.1.15.3 version too? (as the previous
upstream release v.1.15.2 also addressed two security flaws --
CVE-2010-1189 and CVE-2010-1190).

Thanks && Regards, Jan.
Jan iankko Lieskovsky / Red Hat Security Response Team
Comment 2 Stephen John Smoogen 2014-06-09 16:01:16 EDT
I apologize. This ticket should have been closed years ago as we moved to only having the Wikimedia Longterm Support in EPEL.

Note You need to log in before you can comment on or make changes to this bug.