CVE-2008-1099
Published: 5 March 2008
_macro_Getval in wikimacro.py in MoinMoin 1.5.8 and earlier does not properly enforce ACLs, which allows remote attackers to read protected pages.
Priority
Low
Status
| Package | Release | Status |
|---|---|---|
|
moin Launchpad, Ubuntu, Debian |
dapper |
Released
(1.5.2-1ubuntu2.4)
|
| edgy |
Needed
(reached end-of-life)
|
|
| feisty |
Needed
(reached end-of-life)
|
|
| gutsy |
Released
(1.5.7-3ubuntu2.1)
|
|
| hardy |
Not vulnerable
(1.5.8-5.1ubuntu2)
|
|
| intrepid |
Not vulnerable
(code not present)
|
|
| upstream |
Released
(1.5.8-1)
|
Notes
| Author | Note |
|---|---|
| jdstrand | 1.7 does not contain the vulnerable code |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1099
- https://ubuntu.com/security/notices/USN-716-1
- NVD
- Launchpad
- Debian