Vulnerability Solutions
 |
added scans last 7 days |
| The Nimsoft Cloud Monitor Periodic Vulnerability Scan checks for the vulnerability below. To see the most recently added vulnerability solutions that are scanned by WatchMouse, go to the Vulnerability Solutions overview |
| Category: Debian Local Security Checks | Risk factor: High | Added: 16 Mar 2010 |
| Synopsis: The remote host is missing the DSA-2014 security update Description: Several vulnerabilities have been discovered in moin, a python clone of WikiWiki. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0668 Multiple security issues in MoinMoin related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or OpenID configured. CVE-2010-0669 MoinMoin does not properly sanitize user profiles. CVE-2010-0717 The default configuration of cfg.packagepages_actions_excluded in MoinMoin does not prevent unsafe package actions. In addition, this update fixes an error when processing hierarchical ACLs, which can be exploited to access restricted sub-pages. For the stable distribution (lenny), these problems have been fixed in version 1.7.1-3+lenny3. See also: http://www.debian.org/security/2010/dsa-2014 Solution: The Debian project recommends that you upgrade your moin package. Risk factor: High / CVSS Base Score : 7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P) |
||
