Click here to load reader
Upload
totaldefense
View
47
Download
3
Embed Size (px)
DESCRIPTION
Hackers use Remote Code Execution (RCE) loophole to breach Mediwiki platform and Wikipedia. Visit http://blogs.totaldefense.com/securityblog.aspxforcloud-based endpoint security solutions for home and businesses.
Citation preview
Copyright © 2013 TotalDefense, Inc. | All rights reserved www.totaldefense.com Page 1
Serious security breach in Wikipedia
Hackers can use a loophole in one of the world's largest Web sites, remotely take control of it and plant
malware in it. The same loophole also affects hundreds of thousands of other sites.
A particularly severe security breach was discovered on the MediaWiki platform, which is relied by
hundreds of thousands of websites across the net, including the online encyclopedia site Wikipedia, one
of the ten most viewed websites on the Internet.
The loophole is a RCE type (Remote Code Execution), which is one of deep and serious loopholes that
can be detected on a website and that allows remote code execution on a site.
This is the third RCE type breach that was discovered in MediaWiki since its launch in 2006, however it
is probably the most serious breach, because it does not require special tools, browser extensions or
advanced knowledge. Anyone can use the loophole from a browser, and it is very simple to perform.
Even worse, the loophole allows a hacker to gain full access to the web server on which the website is
stored, with all the related implications. The hacker can access the database of the site, the
organizational intranet that is connected to the site, to its users and more. Hackers can also easily
Copyright © 2013 TotalDefense, Inc. | All rights reserved www.totaldefense.com Page 2
transplant malicious code in the site and make any Wiki site a distributor of spyware and Trojans. In
the case of Wikipedia, the hackers could also gain access to all the details of the editors and editorial
history.
The Wikimedia Foundation was already notified about the breach, and quickly amended the security
hole on Wikipedia by releasing new site platform version 1.22.2 with security updates. It is expected
that most independent sites will quickly repair the fault as well. As mentioned, the official website of
Wikipedia has already been fixed.
Because MediaWiki is an open-source platform based on PHP, it allows creating free private and public
Wikipedia websites. There are now hundreds of thousands of Wikis in the world, some deal with
matters such as books, movies and TV series. There are also quite a few internal organization Wikis
such as banks and universities that are all based on MediaWiki and all are vulnerable to attack.
The Wikipedia site combines over 400 thousand Wikis Communities, and together have more than 200
million visitors a month.
It is unknown how many Wiki sites are there all over the world, but the number may be higher than one
million. Not all Wiki sites are vulnerable, but only those that allow uploading of files such as PDF and
other formats.
However, by definition it is a very popular functionality that is implemented in most Wiki sites.
Copyright © 2013 TotalDefense, Inc. | All rights reserved www.totaldefense.com Page 3
About TotalDefense:
Total Defense(@Total_Defense) is a global leader in malware detection and anti-crimeware solutions. We offer a broad portfolio of leading security products for the consumer market used by over four million consumers worldwide. Our solutions also include the industry’s first complete cloud security platform, providing fully integrated endpoint, web and email security through a single Web-based management console with a single set of enforceable security policies
Total Defense is a former business of CA Technologies, one of the largest software companies in the world, and has operations in New York, California, Europe, Israel and Asia.
Visit http://www.totaldefense.com/ for web, cloud & mobile security solutions for home users and businesses.