Bug 620224 - (CVE-2010-2787) CVE-2010-2787 MediaWiki (< v1.15.5, v1.16.0): Private data leakage via public caching headers
CVE-2010-2787 MediaWiki (< v1.15.5, v1.16.0): Private data leakage via public...
Status: NEW
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
public=20100728,reported=20100728,sou...
: Security
Depends On: 620226
Blocks:
  Show dependency treegraph
 
Reported: 2010-08-01 12:14 EDT by Jan Lieskovsky
Modified: 2015-07-31 02:30 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jan Lieskovsky 2010-08-01 12:14:11 EDT
Tim Starling reported:
  [1] https://bugzilla.wikimedia.org/show_bug.cgi?id=24565#c0

a deficiency in the way MediaWiki processed private cache headers
for almost all API operations. Further exact flaw implications from Tim [1]:

A user's browser can be tricked into requesting private data with public
caching headers, via a CSRF-style attack on an external web page. The attacker
would cause the victim's browser to request private data with public caching
headers, then the attacker would download the same data from the intermediate
HTTP proxy, bypassing access controls.

References:
  [2] http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-July/000092.html
Comment 1 Jan Lieskovsky 2010-08-01 12:18:30 EDT
This issue affects the versions of the mediawiki package, as shipped
with Fedora release of 12 and 13.

Please fix.
Comment 2 Jan Lieskovsky 2010-08-01 12:23:22 EDT
Created mediawiki tracking bugs for this issue

Affects: fedora-all [bug 620226]

Note You need to log in before you can comment on or make changes to this bug.