Описание
The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors.
Ссылки
- Exploit
- Vendor Advisory
- Exploit
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:moinmo:moinmoin:1.6.1:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.00543
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
ubuntu
больше 16 лет назад
The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors.
debian
больше 16 лет назад
The password_checker function in config/multiconfig.py in MoinMoin 1.6 ...
CVSS3: 7.5
github
больше 3 лет назад
MoinMoin Denial of Service vulnerability via password_checker function
EPSS
Процентиль: 67%
0.00543
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo