MoinMoin Wiki 'sys.argv' Information Disclosure Vulnerability Network Vulnerability

Summary

This host is running MoinMoin Wiki and is prone to Information Disclosure vulnerability

Impact

Successful exploitation will allow remote attackers to obtain sensitive information. Impact Level: Application

Solution

Upgrade to MoinMoin Wiki 1.9.1 or later, For updates refer to http://moinmo.in/MoinMoinDownload

Insight

The flaw exists while handling sys.argv parameter when the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors.

Affected

MoinMoin Wiki version 1.9 before 1.9.1 on all platforms.

References

http://marc.info/?l=oss-security&m=126625972814888&w=2
http://secunia.com/advisories/38242
http://www.openwall.com/lists/oss-security/2010/01/21/6
http://www.openwall.com/lists/oss-security/2010/02/15/2

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0667

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache ActiveMQ 'Cron Jobs' Cross Site Scripting Vulnerability
Adobe ColdFusion HTTP Response Splitting Vulnerability
Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
Apache Archiva Home Page Cross-Site Scripting vulnerability
Apache Rave User Information Disclosure Vulnerability

Take action and discover your vulnerabilities