Lucene search

[email protected]NVD:CVE-2010-0667

HistoryFeb 26, 2010 - 7:30 p.m.

CVE-2010-0667

2010-02-2619:30:00

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0.003

Percentile

71.7%

JSON

MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors.

Affected configurations

Nvd

Node

moinmomoinmoinMatch1.9.0

References

hg.moinmo.in/moin/1.9/raw-file/1.9.1/docs/CHANGES

hg.moinmo.in/moin/1.9/rev/04afdde50094

hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2

marc.info/?l=oss-security&m=126625972814888&w=2

marc.info/?l=oss-security&m=126676896601156&w=2

moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18

moinmo.in/SecurityFixes

secunia.com/advisories/38242

www.openwall.com/lists/oss-security/2010/01/21/6

www.openwall.com/lists/oss-security/2010/02/15/2

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0.003

Percentile

71.7%

JSON

Related for NVD:CVE-2010-0667

openvas2 prion1 osv2 cve1 ubuntucve1 debiancve1 github1 cvelist1