Lucene search
HistoryMar 30, 2009 - 1:30 a.m.
CVE-2008-6549
cve-2008-6549
moinmoin 1.6.1
denial of service
segmentation fault
python-crack
thread safety
6.8 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.005 Low
EPSS
Percentile
75.3%
The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors.
| CPE | Name | Operator | Version |
|---|---|---|---|
| moinmo:moinmoin | moinmo moinmoin | eq | 1.6.1 |
Related
cvelist
cvelist
CVE-2008-6549
2022-10-03 16:13:48
ubuntucve
ubuntucve
CVE-2008-6549
2009-03-30 00:00:00
osv
osv
MoinMoin Denial of Service vulnerability via password_checker function
2022-05-17 05:52:47
prion
prion
Design/Logic Flaw
2009-03-30 01:30:00
debiancve
debiancve
CVE-2008-6549
2009-03-30 01:30:00
github
github
MoinMoin Denial of Service vulnerability via password_checker function
2022-05-17 05:52:47
6.8 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.005 Low
EPSS
Percentile
75.3%
Related for CVE-2008-6549