Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-8626

Опубликовано: 23 мар. 2017
Источник: debian

Описание

The User::randomPassword function in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 generates passwords smaller than $wgMinimalPasswordLength, which makes it easier for remote attackers to obtain access via a brute-force attack.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mediawikifixed1:1.25.5-1package
mediawikino-dsawheezypackage
mediawikiend-of-lifesqueezepackage

Примечания

  • https://phabricator.wikimedia.org/T115522

Связанные уязвимости

ubuntu логотип

CVE-2015-8626

CVSS3: 9.8
ubuntu
почти 9 лет назад

The User::randomPassword function in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 generates passwords smaller than $wgMinimalPasswordLength, which makes it easier for remote attackers to obtain access via a brute-force attack.

nvd логотип

CVE-2015-8626

CVSS3: 9.8
nvd
почти 9 лет назад

The User::randomPassword function in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 generates passwords smaller than $wgMinimalPasswordLength, which makes it easier for remote attackers to obtain access via a brute-force attack.

github логотип

GHSA-2vh8-pg5g-9p42

CVSS3: 9.8
github
больше 3 лет назад

The User::randomPassword function in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 generates passwords smaller than $wgMinimalPasswordLength, which makes it easier for remote attackers to obtain access via a brute-force attack.