Skip to main content

CVE-2008-6549

Severity Medium
Score 5/10

Summary

The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors.

  • LOW
  • NETWORK
  • NONE
  • NONE
  • NONE
  • PARTIAL

References

Advisory Timeline

  • Published