← voltar
CVE-2012-1581

CVE-2012-1581

EPSS 1.6%
MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 uses weak random numbers for password reset tokens, which makes it easier for remote attackers to change the passwords of arbitrary users.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000109.htmlhttp://lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000110.htmlhttps://bugzilla.wikimedia.org/show_bug.cgi?id=35078http://secunia.com/advisories/48504https://exchange.xforce.ibmcloud.com/vulnerabilities/78910http://www.openwall.com/lists/oss-security/2012/03/22/9http://www.openwall.com/lists/oss-security/2012/03/24/1http://www.securityfocus.com/bid/52689