CVE-2009-4762 in Ubuntu

CVE-2009-4762

Priority

Description

MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in
certain inappropriate circumstances during processing of hierarchical ACLs,
which allows remote attackers to bypass intended access restrictions by
requesting an item, a different vulnerability than CVE-2008-6603.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4762
http://moinmo.in/SecurityFixes
https://usn.ubuntu.com/usn/usn-941-1

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=569975

Notes

mdeslaur

Hierarchical ACLs were introduced in 1.6.0, so dapper and
hardy don't appear to be vulnerable.

Package

Source: moin (LP Ubuntu Debian)

Upstream:

released (1.7.3, 1.8.3)

Patches:

Upstream:	http://hg.moinmo.in/moin/1.7/rev/897cdbe9e8f2
Upstream:	http://hg.moinmo.in/moin/1.8/rev/897cdbe9e8f2

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2019-12-05 20:54:11 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)