What is the severity of CVE-2015-8001?

CVE-2015-8001 has the potential to allow a denial-of-service attack through infinite file chunk uploads.

How do I fix CVE-2015-8001?

To remediate CVE-2015-8001, update MediaWiki to version 1.25.3 or later, 1.24.4 or later, or 1.23.11 or later.

What software versions are affected by CVE-2015-8001?

CVE-2015-8001 affects MediaWiki versions up to and including 1.25.2, as well as 1.24.3 and earlier versions.

Can CVE-2015-8001 be exploited by any user?

Yes, a malicious user can exploit CVE-2015-8001 by uploading an excessive number of chunks to a single file upload.

Is there a specific configuration required to be vulnerable to CVE-2015-8001?

No specific configuration is required; any affected version of MediaWiki is vulnerable regardless of configuration.

Vulnerability/
CVE-2015-8001

low

3.5

CWE

79 284

20/10/2015

9/11/2015

6/8/2024

CVE-2015-8001: XSS

First published: Tue Oct 20 2015(Updated: )

Several flaws were found in Mediawiki: * Wikipedia user RobinHood70 reported that the API failed to correctly stop adding new chunks to the upload when the reported size was exceeded, allowing a malicious users to upload add an infinite number of chunks for a single file upload. <<a href="https://phabricator.wikimedia.org/T91203">https://phabricator.wikimedia.org/T91203</a>> * Wikipedia user RobinHood70 also reported that a malicious user could upload chunks of 1 byte for very large files, potentially creating a very large number of files on the server's filesystem. <<a href="https://phabricator.wikimedia.org/T91205">https://phabricator.wikimedia.org/T91205</a>> * Internal review discovered that it is not possible to throttle file uploads. <<a href="https://phabricator.wikimedia.org/T91850">https://phabricator.wikimedia.org/T91850</a>> * Internal review discovered a missing authorization check when removing suppression from a revision. This allowed users with the 'viewsuppressed' user right but not the appropriate 'suppressrevision' user right to unsuppress revisions. <<a href="https://phabricator.wikimedia.org/T95589">https://phabricator.wikimedia.org/T95589</a>> * Richard Stanway from teamliquid.net reported that thumbnails of PNG files generated with ImageMagick contained the local file path in the image metadata. <<a href="https://phabricator.wikimedia.org/T108616">https://phabricator.wikimedia.org/T108616</a>> * Extension:PageTriage - MediaWiki user Grunny discovered a DOM-based XSS in the way the extension handled page titles. <<a href="https://phabricator.wikimedia.org/T111029">https://phabricator.wikimedia.org/T111029</a>> * Extension:Echo - Internal review discovered that Echo could display deleted or suppressed usernames when the username was previously used to Thank users. <<a href="https://phabricator.wikimedia.org/T110553">https://phabricator.wikimedia.org/T110553</a>> * Extension:OAuth - Wikipedia user Sitic discovered that the OAuth extension did not correctly enforce the IP restrictions of a Consumer when using previously negotiated credentials. <<a href="https://phabricator.wikimedia.org/T103022">https://phabricator.wikimedia.org/T103022</a>> * Extension:OAuth - Wikipedia user Sitic discovered that OAuth would accept a valid signature from any Consumer when checking the authorization signature. This allowed a registered Consumer who gained access to another Consumer's users' access tokens and secrets to use those credentials. <<a href="https://phabricator.wikimedia.org/T103023">https://phabricator.wikimedia.org/T103023</a>> CVE request and original report: <a href="http://seclists.org/oss-sec/2015/q4/104">http://seclists.org/oss-sec/2015/q4/104</a>

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
redhat/mediawiki	<1.25.3	1.25.3
redhat/mediawiki	<1.24.4	1.24.4
redhat/mediawiki	<1.23.11	1.23.11
Wikimedia MediaWiki	<=1.23.10
Wikimedia MediaWiki	=1.24.0
Wikimedia MediaWiki	=1.24.1
Wikimedia MediaWiki	=1.24.2
Wikimedia MediaWiki	=1.24.3
Wikimedia MediaWiki	=1.25.0
Wikimedia MediaWiki	=1.25.1
Wikimedia MediaWiki	=1.25.2

Remedy

https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-8001?
CVE-2015-8001 has the potential to allow a denial-of-service attack through infinite file chunk uploads.
How do I fix CVE-2015-8001?
To remediate CVE-2015-8001, update MediaWiki to version 1.25.3 or later, 1.24.4 or later, or 1.23.11 or later.
What software versions are affected by CVE-2015-8001?
CVE-2015-8001 affects MediaWiki versions up to and including 1.25.2, as well as 1.24.3 and earlier versions.
Can CVE-2015-8001 be exploited by any user?
Yes, a malicious user can exploit CVE-2015-8001 by uploading an excessive number of chunks to a single file upload.
Is there a specific configuration required to be vulnerable to CVE-2015-8001?
No specific configuration is required; any affected version of MediaWiki is vulnerable regardless of configuration.

agent/type
agent/first-publish-date
agent/references
agent/weakness
agent/severity
agent/author
agent/remedy
agent/softwarecombine
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2015-8001
agent/software-canonical-lookup
agent/trending
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
package-manager/redhat
vendor/mediawiki
canonical/wikimedia mediawiki
version/wikimedia mediawiki/1.23.10
version/wikimedia mediawiki/1.24.0
version/wikimedia mediawiki/1.24.1
version/wikimedia mediawiki/1.24.2
version/wikimedia mediawiki/1.24.3
version/wikimedia mediawiki/1.25.0
version/wikimedia mediawiki/1.25.1
version/wikimedia mediawiki/1.25.2