Executive Summary

Informations
NameCVE-2010-0717First vendor Publication2010-02-26
VendorCveLast vendor Modification2010-06-05

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score7.5Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The default configuration of cfg.packagepages_actions_excluded in MoinMoin before 1.8.7 does not prevent unsafe package actions, which has unspecified impact and attack vectors.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0717

CWE : Common Weakness Enumeration

idName
CWE-16Configuration

CPE : Common Platform Enumeration

TypeDescriptionCount
Application44

OpenVAS Exploits

DateDescription
2012-10-22Name : Gentoo Security Advisory GLSA 201210-02 (MoinMoin)
File : nvt/glsa_201210_02.nasl
2010-03-12Name : Ubuntu Update for moin vulnerabilities USN-911-1
File : nvt/gb_ubuntu_USN_911_1.nasl
2010-03-05Name : MoinMoin Wiki 'cfg' Package Configuration Unspecified Vulnerability
File : nvt/gb_moinmoin_wiki_cfg_pkg_unspecified_vuln.nasl
2010-03-02Name : Fedora Update for moin FEDORA-2010-1712
File : nvt/gb_fedora_2010_1712_moin_fc12.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
62654MoinMoin cfg.packagepages_actions_excluded Default Configuration Unspecified ...

Nessus® Vulnerability Scanner

DateDescription
2012-10-19Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201210-02.nasl - Type : ACT_GATHER_INFO
2010-03-15Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2014.nasl - Type : ACT_GATHER_INFO
2010-03-12Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-911-1.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
CONFIRMhttp://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES
http://moinmo.in/MoinMoinRelease1.8
DEBIANhttp://www.debian.org/security/2010/dsa-2014
MLISThttp://www.openwall.com/lists/oss-security/2010/02/15/2
SECUNIAhttp://secunia.com/advisories/38903
VUPENhttp://www.vupen.com/english/advisories/2010/0600
XFhttp://xforce.iss.net/xforce/xfdb/56595

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 10:54:03
  • Multiple Updates
2013-05-10 23:19:05
  • Multiple Updates