CVE-2009-4762 in Ubuntu

CVE-2009-4762 (retired)

Priority

Description

MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in
certain inappropriate circumstances during processing of hierarchical ACLs,
which allows remote attackers to bypass intended access restrictions by
requesting an item, a different vulnerability than CVE-2008-6603.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4762
http://moinmo.in/SecurityFixes
https://usn.ubuntu.com/usn/usn-941-1

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=569975

Notes

mdeslaur> Hierarchical ACLs were introduced in 1.6.0, so dapper and
mdeslaur> hardy don't appear to be vulnerable.

Package

Source: moin (LP Ubuntu Debian)

Upstream:

released (1.7.3, 1.8.3)

Patches:

Upstream:	http://hg.moinmo.in/moin/1.7/rev/897cdbe9e8f2
Upstream:	http://hg.moinmo.in/moin/1.8/rev/897cdbe9e8f2

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2019-03-26 11:50:00 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)