PublicDate: 2008-03-05 20:44:00 UTC
Candidate: CVE-2008-1099
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1099
 https://ubuntu.com/security/notices/USN-716-1
Description:
 _macro_Getval in wikimacro.py in MoinMoin 1.5.8 and earlier does not
 properly enforce ACLs, which allows remote attackers to read protected
 pages.
Ubuntu-Description:
Notes:
 jdstrand> 1.7 does not contain the vulnerable code
Bugs:
 https://bugs.launchpad.net/bugs/200897
Priority: low
Discovered-by:
Assigned-to: jdstrand
CVSS: 

Patches_moin:
 vendor: http://www.debian.org/security/2008/dsa-1514
 other: http://hg.moinmo.in/moin/1.5/rev/4a7de0173734
upstream_moin: released (1.5.8-1)
dapper_moin: released (1.5.2-1ubuntu2.4)
edgy_moin: needed (reached end-of-life)
feisty_moin: needed (reached end-of-life)
gutsy_moin: released (1.5.7-3ubuntu2.1)
hardy_moin: not-affected (1.5.8-5.1ubuntu2)
intrepid_moin: not-affected (code not present)
devel_moin: not-affected