AOH :: HP Unsorted M :: VA1788.HTM

Multiple remote vulnerabilities MoinMoin v1.80



Multiple remote vulnerabilities MoinMoin v1.80
Multiple remote vulnerabilities MoinMoin v1.80



================================================================0D
!vuln=0D
MoinMoin v1.5.9 is prone to multiple remote vulnerabilities.=0D
Earlier versions may also be affected.=0D
MoinMoin v1.80 is also affected to a lesser extent.=0D
Other versions may also be affected.=0D
================================================================0D
=0D
================================================================0D
!dork=0D
Dork: "* MoinMoin Powered * Python Powered * Valid HTML 4.01"=0D
================================================================0D
=0D
================================================================0D
!risk 1 - Denial Of Service=0D
Low=0D
The denial of service only results on the end-users side.=0D
================================================================0D
=0D
================================================================0D
!discussion 1 - Denial Of Service=0D
=0D
http://wiki.site.org/%08?action=fullsearch&value=linkto%3A%22%0=0D 
8%22&context=180=0D
=0D
Changing the URL of a linkto URl results in end-user denial of=0D
service conditions if ASCII characters are injected.=0D
================================================================0D
=0D
================================================================0D
!risk 2 - Full Path Disclosure=0D
Medium=0D
Attackers can use this vulnerability to leverage another attack=0D
after the full path has been disclosed.=0D
================================================================0D
=0D
================================================================0D
!discussion 2 - Full Path Disclosure=0D
=0D
http://wiki.site.org/VulnVulnVulnVuln/VulnVulnVuln/Vul.........=0D 
=0D
A remote user is able to identify several details about the=0D
system from the python traceback error after injecting an =0D
extremely long URL string. The uname -a (the platform and OS),=0D
=0D
the python release, the full path of the htdocs folder and =0D
python folder, and the version of MoinMoin that is running. =0D
However, MoinMoin v1.80 does not disclose the python release =0D
and the version of MoinMoin.=0D
================================================================0D
=0D
================================================================0D
!solution=0D
MoinMoin can still be used, but be wary of the full path=0D
disclosure. The vendor has not yet been notified.=0D
================================================================0D
=0D
================================================================0D
!greetz=0D
Greetz go out to the people who know me.=0D
================================================================0D
=0D
================================================================0D
!author=0D
Xia Shing Zee=0D
==============================================================

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.