MoinMoin 'TextCha' Protection Security Bypass Vulnerability
BID:39327
Info
MoinMoin 'TextCha' Protection Security Bypass Vulnerability
| Bugtraq ID: | 39327 |
| Class: | Design Error |
| CVE: |
CVE-2010-1238 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 30 2010 12:00AM |
| Updated: | Oct 18 2012 10:30PM |
| Credit: | Debian |
| Vulnerable: |
Ubuntu Ubuntu Linux 8.10 sparc Ubuntu Ubuntu Linux 8.10 powerpc Ubuntu Ubuntu Linux 8.10 lpia Ubuntu Ubuntu Linux 8.10 i386 Ubuntu Ubuntu Linux 8.10 amd64 MoinMoin MoinMoin 1.7.1 Gentoo Linux Debian Linux 5.0 sparc Debian Linux 5.0 s/390 Debian Linux 5.0 powerpc Debian Linux 5.0 mipsel Debian Linux 5.0 mips Debian Linux 5.0 m68k Debian Linux 5.0 ia-64 Debian Linux 5.0 ia-32 Debian Linux 5.0 hppa Debian Linux 5.0 armel Debian Linux 5.0 arm Debian Linux 5.0 amd64 Debian Linux 5.0 alpha Debian Linux 5.0 |
| Not Vulnerable: | |
Discussion
MoinMoin 'TextCha' Protection Security Bypass Vulnerability
MoinMoin is prone to a security-bypass vulnerability that affects the 'TextCha' feature.
Successful exploits may allow attackers to bypass security restrictions and perform unauthorized actions.
MoinMoin 1.7.1 is affected; other versions may also be vulnerable.
MoinMoin is prone to a security-bypass vulnerability that affects the 'TextCha' feature.
Successful exploits may allow attackers to bypass security restrictions and perform unauthorized actions.
MoinMoin 1.7.1 is affected; other versions may also be vulnerable.
Exploit / POC
MoinMoin 'TextCha' Protection Security Bypass Vulnerability
Attackers can use a browser to exploit this issue.
Attackers can use a browser to exploit this issue.
Solution / Fix
MoinMoin 'TextCha' Protection Security Bypass Vulnerability
Solution:
Updates are available; please see the references for more information.
Ubuntu Ubuntu Linux 8.10 lpia
Debian Linux 5.0 hppa
Debian Linux 5.0 ia-64
Debian Linux 5.0 m68k
Ubuntu Ubuntu Linux 8.10 sparc
Debian Linux 5.0 arm
Ubuntu Ubuntu Linux 8.10 powerpc
Ubuntu Ubuntu Linux 8.10 i386
Debian Linux 5.0 armel
Debian Linux 5.0
Debian Linux 5.0 alpha
Debian Linux 5.0 amd64
Debian Linux 5.0 ia-32
Debian Linux 5.0 mips
Debian Linux 5.0 s/390
Debian Linux 5.0 mipsel
Debian Linux 5.0 powerpc
Ubuntu Ubuntu Linux 8.10 amd64
Debian Linux 5.0 sparc
Solution:
Updates are available; please see the references for more information.
Ubuntu Ubuntu Linux 8.10 lpia
-
Ubuntu python-moinmoin_1.7.1-1ubuntu1.5_all.deb
http://security.ubuntu.com/ubuntu/pool/main/m/moin/python-moinmoin_1.7 .1-1ubuntu1.5_all.deb
Debian Linux 5.0 hppa
-
Debian python-moinmoin_1.7.1-3+lenny4_all.deb
http://security.debian.org/pool/updates/main/m/moin/python-moinmoin_1. 7.1-3+lenny4_all.deb
Debian Linux 5.0 ia-64
-
Debian python-moinmoin_1.7.1-3+lenny4_all.deb
http://security.debian.org/pool/updates/main/m/moin/python-moinmoin_1. 7.1-3+lenny4_all.deb
Debian Linux 5.0 m68k
-
Debian python-moinmoin_1.7.1-3+lenny4_all.deb
http://security.debian.org/pool/updates/main/m/moin/python-moinmoin_1. 7.1-3+lenny4_all.deb
Ubuntu Ubuntu Linux 8.10 sparc
-
Ubuntu python-moinmoin_1.7.1-1ubuntu1.5_all.deb
http://security.ubuntu.com/ubuntu/pool/main/m/moin/python-moinmoin_1.7 .1-1ubuntu1.5_all.deb
Debian Linux 5.0 arm
-
Debian python-moinmoin_1.7.1-3+lenny4_all.deb
http://security.debian.org/pool/updates/main/m/moin/python-moinmoin_1. 7.1-3+lenny4_all.deb
Ubuntu Ubuntu Linux 8.10 powerpc
-
Ubuntu python-moinmoin_1.7.1-1ubuntu1.5_all.deb
http://security.ubuntu.com/ubuntu/pool/main/m/moin/python-moinmoin_1.7 .1-1ubuntu1.5_all.deb
Ubuntu Ubuntu Linux 8.10 i386
-
Ubuntu python-moinmoin_1.7.1-1ubuntu1.5_all.deb
http://security.ubuntu.com/ubuntu/pool/main/m/moin/python-moinmoin_1.7 .1-1ubuntu1.5_all.deb
Debian Linux 5.0 armel
-
Debian python-moinmoin_1.7.1-3+lenny4_all.deb
http://security.debian.org/pool/updates/main/m/moin/python-moinmoin_1. 7.1-3+lenny4_all.deb
Debian Linux 5.0
-
Debian python-moinmoin_1.7.1-3+lenny4_all.deb
http://security.debian.org/pool/updates/main/m/moin/python-moinmoin_1. 7.1-3+lenny4_all.deb
Debian Linux 5.0 alpha
-
Debian python-moinmoin_1.7.1-3+lenny4_all.deb
http://security.debian.org/pool/updates/main/m/moin/python-moinmoin_1. 7.1-3+lenny4_all.deb
Debian Linux 5.0 amd64
-
Debian python-moinmoin_1.7.1-3+lenny4_all.deb
http://security.debian.org/pool/updates/main/m/moin/python-moinmoin_1. 7.1-3+lenny4_all.deb
Debian Linux 5.0 ia-32
-
Debian python-moinmoin_1.7.1-3+lenny4_all.deb
http://security.debian.org/pool/updates/main/m/moin/python-moinmoin_1. 7.1-3+lenny4_all.deb
Debian Linux 5.0 mips
-
Debian python-moinmoin_1.7.1-3+lenny4_all.deb
http://security.debian.org/pool/updates/main/m/moin/python-moinmoin_1. 7.1-3+lenny4_all.deb
Debian Linux 5.0 s/390
-
Debian python-moinmoin_1.7.1-3+lenny4_all.deb
http://security.debian.org/pool/updates/main/m/moin/python-moinmoin_1. 7.1-3+lenny4_all.deb
Debian Linux 5.0 mipsel
-
Debian python-moinmoin_1.7.1-3+lenny4_all.deb
http://security.debian.org/pool/updates/main/m/moin/python-moinmoin_1. 7.1-3+lenny4_all.deb
Debian Linux 5.0 powerpc
-
Debian python-moinmoin_1.7.1-3+lenny4_all.deb
http://security.debian.org/pool/updates/main/m/moin/python-moinmoin_1. 7.1-3+lenny4_all.deb
Ubuntu Ubuntu Linux 8.10 amd64
-
Ubuntu python-moinmoin_1.7.1-1ubuntu1.5_all.deb
http://security.ubuntu.com/ubuntu/pool/main/m/moin/python-moinmoin_1.7 .1-1ubuntu1.5_all.deb
Debian Linux 5.0 sparc
-
Debian python-moinmoin_1.7.1-3+lenny4_all.deb
http://security.debian.org/pool/updates/main/m/moin/python-moinmoin_1. 7.1-3+lenny4_all.deb
References
MoinMoin 'TextCha' Protection Security Bypass Vulnerability
References:
References:
- MoinMoin Homepage (MoinMoin)