Lucene search
DebianCVELIST:CVE-2017-8810HistoryNov 15, 2017 - 8:00 a.m.
CVE-2017-8810
2017-11-1508:00:00
debian
www.cve.org
MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2, when a private wiki is configured, provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attacks via a series of requests.
CNA Affected
[
{
"product": "MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2"
}
]
}
]Related
ubuntucve
ubuntucve
CVE-2017-8810
2017-11-15 00:00:00
cve
cve
CVE-2017-8810
2017-11-15 08:29:00
prion
prion
Design/Logic Flaw
2017-11-15 08:29:00
nvd
nvd
CVE-2017-8810
2017-11-15 08:29:00
debiancve
debiancve
CVE-2017-8810
2017-11-15 08:29:00
osv
osv
CVE-2017-8810
2017-11-15 08:29:00
mediawiki - security update
2017-11-15 00:00:00
nessus
nessus
Debian DSA-4036-1 : mediawiki - security update
2017-11-16 00:00:00
openvas
openvas
MediaWiki Multiple Vulnerabilities (Nov 2017) - Windows
2017-11-16 00:00:00
Debian: Security Advisory (DSA-4036-1)
2017-11-14 00:00:00
MediaWiki Multiple Vulnerabilities (Nov 2017) - Linux
2017-11-16 00:00:00
debian
debian
[SECURITY] [DSA 4036-1] mediawiki security update
2017-11-15 21:58:29
mageia
mageia
Updated mediawiki packages fix security vulnerabilities
2017-11-29 21:52:42
archlinux
archlinux
[ASA-201711-20] mediawiki: multiple issues
2017-11-15 00:00:00
freebsd
freebsd
mediawiki -- multiple vulnerabilities
2017-11-14 00:00:00