Lucene search

K

Debian Security Bug TrackerDEBIANCVE:CVE-2012-6495

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-6495

2022-10-0316:15:28

Debian Security Bug Tracker

security-tracker.debian.org

8

moinmoin

directory traversal

remote authentication

arbitrary files

cve-2012-6495

cve-2012-6081

execute code

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.955 High

EPSS

Percentile

99.4%

Multiple directory traversal vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to overwrite arbitrary files via unspecified vectors. NOTE: this can be leveraged with CVE-2012-6081 to execute arbitrary code.

OSVersionArchitecturePackageVersionFilename
Debian10allmoin< 1.9.5-3moin_1.9.5-3_all.deb

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.955 High

EPSS

Percentile

99.4%

Related for DEBIANCVE:CVE-2012-6495

cve2 nvd2 osv2 prion2 cvelist2 ubuntucve2 github2 nessus9 openvas10 gentoo1 thn2 fedora3 debiancve1 dsquare1 seebug1 packetstorm1 zdt1 canvas1 checkpoint_advisories1 freebsd1