Gentoo Logo

MoinMoin: Privilege escalation


1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200805-09 / moinmoin
Release Date May 11, 2008
Latest Revision May 11, 2008: 01
Impact normal
Exploitable remote
Package Vulnerable versions Unaffected versions Architecture(s)
www-apps/moinmoin < 1.6.3 >= 1.6.3 All supported architectures

Related bugreports: #218752


A vulnerability in MoinMoin may allow a remote attacker to elevate his privileges.

2.  Impact Information


MoinMoin is an advanced and extensible Wiki Engine.


It has been reported that the user form processing in the file does not properly manage users when using Access Control Lists or a non-empty superusers list.


A remote attacker could exploit this vulnerability to gain superuser privileges on the application.

3.  Resolution Information


There is no known workaround at this time.


All MoinMoin users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apps/moinmoin-1.6.3"

4.  References


Page updated May 11, 2008

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.

Copyright 2001-2015 Gentoo Foundation, Inc. Questions, Comments? Contact us.