Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-6548HistoryOct 03, 2022 - 4:13 p.m.
CVE-2008-6548
2022-10-0316:13:50
Debian Security Bug Tracker
security-tracker.debian.org
9
moinmoin acl bypass unix
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
34.1%
The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check the ACL of an included page, which allows attackers to read unauthorized include files via unknown vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 10 | all | moin | < 1.6.2-1 | moin_1.6.2-1_all.deb |
Related
cve
cve
CVE-2008-6548
2022-10-03 16:13:50
prion
prion
Code injection
2009-03-30 01:30:00
nvd
nvd
CVE-2008-6548
2009-03-30 01:30:00
github
github
MoinMoin improper access control on the included page for the rst parser
2022-05-17 05:52:47
ubuntucve
ubuntucve
CVE-2008-6548
2009-03-30 00:00:00
osv
osv
MoinMoin improper access control on the included page for the rst parser
2022-05-17 05:52:47
cvelist
cvelist
CVE-2008-6548
2022-10-03 16:13:50
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
34.1%
Related for DEBIANCVE:CVE-2008-6548