FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2004-0708

This CVE name corresponds to:

Entered Topic
2004-06-28 MoinMoin administrative group name privilege escalation vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2004-0708 at cve.mitre.org

Details

Type Candidate
Name CVE-2004-0708
Phase Assigned(20040720)

Description

MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges by creating a user with the same name as an existing group that has higher privileges.

References

Source Reference
CONFIRM http://sourceforge.net/tracker/index.php?func=detail&aid=948103&group_id=8482&atid=108482
GENTOO GLSA-200407-09
MISC http://www.osvdb.org/6704
BID 10568
OSVDB 6704
SECUNIA 11807
XF moinmoin-gain-admin-access(16465)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.