Lucene search

[email protected]CVE-2010-0667

HistoryFeb 26, 2010 - 7:30 p.m.

CVE-2010-0667

2010-02-2619:30:00

CWE-200

[email protected]

web.nvd.nist.gov

cve-2010-0667

moinmoin

information security

vulnerability

remote attack

nvd

6.2 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

71.6%

JSON

MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors.

CPENameOperatorVersion
moinmo:moinmoinmoinmo moinmoineq1.9.0

CPE	Name	Operator	Version
moinmo:moinmoin	moinmo moinmoin	eq	1.9.0

References

hg.moinmo.in/moin/1.9/raw-file/1.9.1/docs/CHANGES

hg.moinmo.in/moin/1.9/rev/04afdde50094

hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2

marc.info/?l=oss-security&m=126625972814888&w=2

marc.info/?l=oss-security&m=126676896601156&w=2

moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18

moinmo.in/SecurityFixes

secunia.com/advisories/38242

www.openwall.com/lists/oss-security/2010/01/21/6

www.openwall.com/lists/oss-security/2010/02/15/2

6.2 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

71.6%

JSON

Related for CVE-2010-0667

openvas2 debiancve1 ubuntucve1 prion1 osv2 github1 cvelist1