CVE-2010-0668

Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or OpenID configured.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
moinmomoinmoin
1.5.0
moinmomoinmoin
1.5.0:beta1
moinmomoinmoin
1.5.0:beta2
moinmomoinmoin
1.5.0:beta3
moinmomoinmoin
1.5.0:beta4
moinmomoinmoin
1.5.0:beta5
moinmomoinmoin
1.5.0:beta6
moinmomoinmoin
1.5.0:rc1
moinmomoinmoin
1.5.1
moinmomoinmoin
1.5.2
moinmomoinmoin
1.5.3
moinmomoinmoin
1.5.3:rc1
moinmomoinmoin
1.5.3:rc2
moinmomoinmoin
1.5.4
moinmomoinmoin
1.5.5
moinmomoinmoin
1.5.5:rc1
moinmomoinmoin
1.5.5a:a
moinmomoinmoin
1.5.6
moinmomoinmoin
1.5.7
moinmomoinmoin
1.5.8
moinmomoinmoin
1.6.0
moinmomoinmoin
1.6.0:beta1
moinmomoinmoin
1.6.0:beta2
moinmomoinmoin
1.6.0:rc1
moinmomoinmoin
1.6.0:rc2
moinmomoinmoin
1.6.1
moinmomoinmoin
1.6.2
moinmomoinmoin
1.6.3
moinmomoinmoin
1.6.4
moinmomoinmoin
1.7.0
moinmomoinmoin
1.7.0:beta1
moinmomoinmoin
1.7.0:beta2
moinmomoinmoin
1.7.0:rc1
moinmomoinmoin
1.7.0:rc2
moinmomoinmoin
1.7.0:rc3
moinmomoinmoin
1.7.1
moinmomoinmoin
1.7.2
moinmomoinmoin
1.7.3
moinmomoinmoin
1.8.0
moinmomoinmoin
1.8.1
moinmomoinmoin
1.8.2
moinmomoinmoin
1.8.3
moinmomoinmoin
1.8.4
moinmomoinmoin
1.8.6
moinmomoinmoin
1.9.0
moinmomoinmoin
1.9.1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
moin
karmic
Fixed 1.8.4-1ubuntu1.1
released
jaunty
Fixed 1.8.2-2ubuntu2.2
released
intrepid
Fixed 1.7.1-1ubuntu1.3
released
hardy
Fixed 1.5.8-5.1ubuntu2.3
released
dapper
Fixed 1.5.2-1ubuntu2.5
released
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=569975
http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035374.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035438.html
http://marc.info/?l=oss-security&m=126625972814888&w=2
http://marc.info/?l=oss-security&m=126676896601156&w=2
http://moinmo.in/MoinMoinRelease1.8
http://moinmo.in/SecurityFixes
http://secunia.com/advisories/38444
http://secunia.com/advisories/38709
http://secunia.com/advisories/38903
http://www.debian.org/security/2010/dsa-2014
http://www.openwall.com/lists/oss-security/2010/02/15/2
http://www.osvdb.org/62043
http://www.securityfocus.com/bid/38023
http://www.vupen.com/english/advisories/2010/0266
http://www.vupen.com/english/advisories/2010/0600
https://bugzilla.redhat.com/show_bug.cgi?id=565604
https://exchange.xforce.ibmcloud.com/vulnerabilities/56002
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=569975
http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035374.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035438.html
http://marc.info/?l=oss-security&m=126625972814888&w=2
http://marc.info/?l=oss-security&m=126676896601156&w=2
http://moinmo.in/MoinMoinRelease1.8
http://moinmo.in/SecurityFixes
http://secunia.com/advisories/38444
http://secunia.com/advisories/38709
http://secunia.com/advisories/38903
http://www.debian.org/security/2010/dsa-2014
http://www.openwall.com/lists/oss-security/2010/02/15/2
http://www.osvdb.org/62043
http://www.securityfocus.com/bid/38023
http://www.vupen.com/english/advisories/2010/0266
http://www.vupen.com/english/advisories/2010/0600
https://bugzilla.redhat.com/show_bug.cgi?id=565604
https://exchange.xforce.ibmcloud.com/vulnerabilities/56002