Lucene search

MitreCVE-2010-0667

HistoryFeb 26, 2010 - 7:30 p.m.

CVE-2010-0667

2010-02-2619:30:00

CWE-200

mitre

web.nvd.nist.gov

cve-2010-0667

moinmoin

information security

vulnerability

remote attack

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0.007

Percentile

79.9%

JSON

MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors.

Affected configurations

Nvd

Node

moinmomoinmoinMatch1.9.0

VendorProductVersionCPE
moinmomoinmoin1.9.0cpe:2.3:a:moinmo:moinmoin:1.9.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
moinmo	moinmoin	1.9.0	cpe:2.3:a:moinmo:moinmoin:1.9.0:::::::*

References

hg.moinmo.in/moin/1.9/raw-file/1.9.1/docs/CHANGES

hg.moinmo.in/moin/1.9/rev/04afdde50094

hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2

marc.info/?l=oss-security&m=126625972814888&w=2

marc.info/?l=oss-security&m=126676896601156&w=2

moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18

moinmo.in/SecurityFixes

secunia.com/advisories/38242

www.openwall.com/lists/oss-security/2010/01/21/6

www.openwall.com/lists/oss-security/2010/02/15/2

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.1

Confidence

Low

EPSS

0.007

Percentile

79.9%

JSON

Related for CVE-2010-0667