ID CVE-2013-2114
Summary Unrestricted file upload vulnerability in the chunk upload API in MediaWiki 1.19 through 1.19.6 and 1.20.x before 1.20.6 allows remote attackers to execute arbitrary code by uploading a file with an executable extension.
References
Vulnerable Configurations
  • MediaWiki MediaWiki 1.20.1
    cpe:2.3:a:mediawiki:mediawiki:1.20.1
  • MediaWiki MediaWiki 1.20.2
    cpe:2.3:a:mediawiki:mediawiki:1.20.2
  • MediaWiki MediaWiki 1.20.3
    cpe:2.3:a:mediawiki:mediawiki:1.20.3
  • MediaWiki MediaWiki 1.20.4
    cpe:2.3:a:mediawiki:mediawiki:1.20.4
  • MediaWiki MediaWiki 1.20.5
    cpe:2.3:a:mediawiki:mediawiki:1.20.5
  • MediaWiki 1.19
    cpe:2.3:a:mediawiki:mediawiki:1.19
  • MediaWiki 1.19 beta 1
    cpe:2.3:a:mediawiki:mediawiki:1.19:beta_1
  • MediaWiki 1.19 beta 2
    cpe:2.3:a:mediawiki:mediawiki:1.19:beta_2
  • MediaWiki 1.19.0
    cpe:2.3:a:mediawiki:mediawiki:1.19.0
  • MediaWiki MediaWiki 1.19.1
    cpe:2.3:a:mediawiki:mediawiki:1.19.1
  • MediaWiki MediaWiki 1.19.2
    cpe:2.3:a:mediawiki:mediawiki:1.19.2
  • MediaWiki MediaWiki 1.19.3
    cpe:2.3:a:mediawiki:mediawiki:1.19.3
  • MediaWiki MediaWiki 1.19.4
    cpe:2.3:a:mediawiki:mediawiki:1.19.4
  • MediaWiki MediaWiki 1.19.5
    cpe:2.3:a:mediawiki:mediawiki:1.19.5
  • MediaWiki MediaWiki 1.19.6
    cpe:2.3:a:mediawiki:mediawiki:1.19.6
CVSS
Base: 6.8 (as of 18-11-2013 - 10:13)
Impact:
Exploitability:
Access
  Vector: NETWORK
  Complexity: MEDIUM
  Authentication: NONE
Impact
  Confidentiality: PARTIAL
  Integrity: PARTIAL
  Availability: PARTIAL
nessus via4
  • NASL family CGI abuses
    NASL id MEDIAWIKI_1_19_7.NASL
    description According to its version number, the instance of MediaWiki running on the remote host is affected by an arbitrary file upload vulnerability due to a flaw that fails to validate file extensions when files are uploaded via chunks using the API. Note that Nessus has not tested for this issue but has instead relied on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 66841
    published 2013-06-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66841
    title MediaWiki 1.19.x < 1.19.7 / 1.20.x < 1.20.6 Arbitrary File Upload
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201310-21.NASL
    description The remote host is affected by the vulnerability described in GLSA-201310-21 (MediaWiki: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in MediaWiki. Please review the CVE identifiers referenced below for details. Impact : A remote attacker may be able to execute arbitrary code, perform man-in-the-middle attacks, obtain sensitive information or perform cross-site scripting attacks. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 70677
    published 2013-10-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70677
    title GLSA-201310-21 : MediaWiki: Multiple vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2013-9622.NASL
    description - (bug 48306) SECURITY: Run file validation checks on chunked uploads, and chunks of upload, during the upload process. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 67370
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67370
    title Fedora 17 : mediawiki-1.19.7-1.fc17 (2013-9622)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2013-9616.NASL
    description - (bug 48306) SECURITY: Run file validation checks on chunked uploads, and chunks of upload, during the upload process. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-05
    plugin id 67368
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67368
    title Fedora 18 : mediawiki-1.19.7-1.fc18 (2013-9616)
refmap via4
confirm https://bugzilla.wikimedia.org/show_bug.cgi?id=48306
gentoo GLSA-201310-21
mlist
  • [MediaWiki-announce] 20130521 MediaWiki Security Release: 1.20.6 and 1.19.7
  • [oss-security] 20130524 Re: CVE request: MediaWiki chunked uploads vulnerability
secunia 55433
Last major update 21-11-2013 - 12:32
Published 17-11-2013 - 21:55