Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-1766HistoryMay 23, 2011 - 10:55 p.m.
CVE-2011-1766
2011-05-2322:55:01
Debian Security Bug Tracker
security-tracker.debian.org
17
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
EPSS
0.018
Percentile
88.1%
includes/User.php in MediaWiki before 1.16.5, when wgBlockDisablesLogin is enabled, does not clear certain cached data after verification of an auth token fails, which allows remote attackers to bypass authentication by creating crafted wikiUserID and wikiUserName cookies, or by leveraging an unattended workstation.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | mediawiki | < 1:1.39.7-1~deb12u1 | mediawiki_1:1.39.7-1~deb12u1_all.deb |
| Debian | 11 | all | mediawiki | < 1:1.35.13-1+deb11u2 | mediawiki_1:1.35.13-1+deb11u2_all.deb |
| Debian | 999 | all | mediawiki | < 1:1.39.8-1 | mediawiki_1:1.39.8-1_all.deb |
| Debian | 13 | all | mediawiki | < 1:1.39.8-1 | mediawiki_1:1.39.8-1_all.deb |
Related
prion
prion
Authentication flaw
2011-05-23 22:55:00
ubuntucve
ubuntucve
CVE-2011-1766
2011-05-23 00:00:00
nvd
nvd
CVE-2011-1766
2011-05-23 22:55:01
cvelist
cvelist
CVE-2011-1766
2011-05-23 22:00:00
cve
cve
CVE-2011-1766
2011-05-23 22:55:01
openvas
openvas
Fedora Update for mediawiki FEDORA-2011-6774
2011-05-23 00:00:00
Fedora Update for mediawiki FEDORA-2011-6774
2011-05-23 00:00:00
Fedora Update for mediawiki FEDORA-2011-6775
2011-05-23 00:00:00
nessus
nessus
Fedora 14 : mediawiki-1.16.5-59.fc14 (2011-6774)
2011-05-23 00:00:00
Fedora 15 : mediawiki-1.16.5-59.fc15 (2011-6781)
2011-05-19 00:00:00
Fedora 13 : mediawiki-1.16.5-59.fc13 (2011-6775)
2011-05-23 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: mediawiki-1.16.5-59.fc15
2011-05-19 05:09:45
[SECURITY] Fedora 14 Update: mediawiki-1.16.5-59.fc14
2011-05-20 20:55:43
[SECURITY] Fedora 13 Update: mediawiki-1.16.5-59.fc13
2011-05-20 20:58:01
gentoo
gentoo
MediaWiki: Multiple vulnerabilities
2012-06-21 00:00:00
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
EPSS
0.018
Percentile
88.1%
Related for DEBIANCVE:CVE-2011-1766