oss-sec mailing list archives
Debian Moin Question
From: Josh Bressers <bressers () redhat com>
Date: Mon, 5 Apr 2010 14:25:05 -0400 (EDT)
Hello everyone, I just ran across this ID from MITRE: Name: CVE-2010-1238 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1238 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20100405 Category: Reference: DEBIAN:DSA-2024 Reference: URL:http://www.debian.org/security/2010/dsa-2024 MoinMoin 1.7.1 allows remote attackers to bypass the textcha protection mechanism by modifying the textcha-question and textcha-answer fields to have empty values. The only data I can find on this is from the Debian DSA, and the information is quite slim. Can someone shed more light on this flaw? Thanks. -- JB
Current thread:
- Debian Moin Question Josh Bressers (Apr 05)
- Re: Debian Moin Question Michael Gilbert (Apr 05)
- Re: Debian Moin Question Giuseppe Iuculano (Apr 05)