Описание
MoinMoin Improper Access Control vulnerability
MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended access restrictions by requesting an item, a different vulnerability than CVE-2008-6603.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-4762
- https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-13.yaml
- https://web.archive.org/web/20140805132556/http://secunia.com/advisories/39887
- https://web.archive.org/web/20200228153929/http://www.securityfocus.com/bid/35277
- http://hg.moinmo.in/moin/1.7/rev/897cdbe9e8f2
- http://hg.moinmo.in/moin/1.8/rev/897cdbe9e8f2
- http://moinmo.in/SecurityFixes
- http://ubuntu.com/usn/usn-941-1
- http://www.debian.org/security/2010/dsa-2014
Пакеты
moin
>= 1.7.0, < 1.7.3
1.7.3
moin
>= 1.8.0, < 1.8.3
1.8.3
Связанные уязвимости
MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended access restrictions by requesting an item, a different vulnerability than CVE-2008-6603.
MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended access restrictions by requesting an item, a different vulnerability than CVE-2008-6603.
MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs ...