CVE-2010-0668

Published: 26 February 2010

Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or OpenID configured.

Priority

Medium

Status

Package Release Status
moin
Launchpad, Ubuntu, Debian
Upstream
Released (1.8.7, 1.9.2-1)
Patches:
upstream: 3797:f7e942210f52 (1.7)
upstream: 3871:bba0ab704aa9 (1.7)
upstream: 3872:0eab7483b474 (1.7)
upstream: 3873:2ce0e1c469aa (1.7)
upstream: 3874:d3e1bae851ef (1.7)
upstream: 3875:35df310578d7 (1.7)
upstream: 3876:b29b47f681dd (1.7)
upstream: 3878:7f5b3389a7e1 (1.7)
upstream: 3879:9faee4b754c0 (1.7)
upstream: 3880:a283079b3f1e (1.7)
upstream: 3881:478dfec03a09 (1.7)
upstream: 3882:0e8fa2a6d016 (1.7)
upstream: 3883:09de6f176a91 (1.7)
upstream: 3884:28d3928f6e6e (1.7)
upstream: 3885:aa99f8e782dc (1.7)
upstream: 3886:8a19e015d6b2 (1.7)
upstream: 3887:879674c9320a (1.7)
upstream: 3892:369a2c879eb6 (1.7)
upstream: 4447:bba0ab704aa9 (1.8)
upstream: 4448:0eab7483b474 (1.8)
upstream: 4450:2ce0e1c469aa (1.8)
upstream: 4452:35df310578d7 (1.8)
upstream: 4453:b29b47f681dd (1.8)
upstream: 4454:d3e1bae851ef (1.8)
upstream: 4457:7f5b3389a7e1 (1.8)
upstream: 4458:9faee4b754c0 (1.8)
upstream: 4459:a283079b3f1e (1.8)
upstream: 4469:478dfec03a09 (1.8)
upstream: 4470:0e8fa2a6d016 (1.8)
upstream: 4471:09de6f176a91 (1.8)
upstream: 4472:28d3928f6e6e (1.8)
upstream: 4474:aa99f8e782dc (1.8)
upstream: 4475:8a19e015d6b2 (1.8)
upstream: 4476:879674c9320a (1.8)
upstream: 4493:369a2c879eb6 (1.8)

Notes

AuthorNote
jdstrand
upstream plans to backport to 1.7 and 1.8 only. Patches for 8.04 LTS
and 6.06 LTS need a lot of work since the 1.7 patches don't apply.

References