CVE-2010-0668

Description

Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or OpenID configured.

Affected packages (3)

• Debian/moinfrom 0, < 1.7.1-3+lenny3
• PyPI/moin>= 1.5, < 1.8.7
• PyPI/moin>= 1.8, < 1.8.7, >= 1.9, < 1.9.2

References (26)

• ADVISORYhttp://secunia.com/advisories/38444
• ADVISORYhttp://secunia.com/advisories/38709
• ADVISORYhttp://secunia.com/advisories/38903
• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2010-0668
• ADVISORYhttp://www.vupen.com/english/advisories/2010/0266
• ADVISORYhttp://www.vupen.com/english/advisories/2010/0600
• PATCHhttps://github.com/moinwiki/moin
• WEBhttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=569975
• WEBhttp://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES
• WEBhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035374.html
• WEBhttp://lists.fedoraproject.org/pipermail/package-announce/2010-February/035438.html
• WEBhttp://marc.info/?l=oss-security&m=126625972814888&w=2
• WEBhttp://marc.info/?l=oss-security&m=126676896601156&w=2
• WEBhttp://moinmo.in/MoinMoinRelease1.8
• WEBhttp://moinmo.in/SecurityFixes
• WEBhttps://bugzilla.redhat.com/show_bug.cgi?id=565604
• WEBhttps://exchange.xforce.ibmcloud.com/vulnerabilities/56002
• WEBhttps://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-15.yaml
• WEBhttps://web.archive.org/web/20111225112846/http://secunia.com/advisories/38903
• WEBhttps://web.archive.org/web/20140725192956/http://secunia.com/advisories/38709
• WEBhttps://web.archive.org/web/20140806190238/http://secunia.com/advisories/38444
• WEBhttps://web.archive.org/web/20200228174758/http://www.securityfocus.com/bid/38023
• WEBhttp://www.debian.org/security/2010/dsa-2014
• WEBhttp://www.openwall.com/lists/oss-security/2010/02/15/2
• WEBhttp://www.osvdb.org/62043
• WEBhttp://www.securityfocus.com/bid/38023