Lucene search
HistoryJul 27, 2004 - 4:00 a.m.
CVE-2004-0708
moinmoin
remote attack
user privileges
cve-2004-0708
nvd
6.8 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.013 Low
EPSS
Percentile
85.4%
MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges by creating a user with the same name as an existing group that has higher privileges.
| CPE | Name | Operator | Version |
|---|---|---|---|
| moinmoin:moinmoin | moinmoin | eq | 1.2 |
| moinmoin:moinmoin | moinmoin | eq | 1.2.1 |
| moinmoin:moinmoin | moinmoin | eq | 1.1 |
Related
openvas
openvas
Gentoo Security Advisory GLSA 200407-09 (MoinMoin)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200407-09 (MoinMoin)
2008-09-24 00:00:00
FreeBSD Ports: moinmoin
2008-09-04 00:00:00
nessus
nessus
FreeBSD : MoinMoin administrative group name privilege escalation vulnerability (114)
2004-07-06 00:00:00
GLSA-200407-09 : MoinMoin: Group ACL bypass
2004-08-30 00:00:00
gentoo
gentoo
MoinMoin: Group ACL bypass
2004-07-11 00:00:00
debiancve
debiancve
CVE-2004-0708
2004-07-27 04:00:00
freebsd
freebsd
MoinMoin administrative group name privilege escalation vulnerability
2004-05-04 00:00:00
6.8 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.013 Low
EPSS
Percentile
85.4%
Related for CVE-2004-0708