<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> <glsa id="200407-09"> <title>MoinMoin: Group ACL bypass</title> <synopsis> MoinMoin contains a bug allowing a user to bypass group ACLs (Access Control Lists). </synopsis> <product type="ebuild">MoinMoin</product> <announced>2004-07-11</announced> <revised count="02">2006-05-22</revised> <bug>53126</bug> <access>remote</access> <affected> <package name="www-apps/moinmoin" auto="yes" arch="*"> <unaffected range="ge">1.2.2</unaffected> <vulnerable range="le">1.2.1</vulnerable> </package> </affected> <background> <p> MoinMoin is a Python clone of WikiWiki, based on PikiPiki. </p> </background> <description> <p> MoinMoin contains a bug in the code handling administrative group ACLs. A user created with the same name as an administrative group gains the privileges of the administrative group. </p> </description> <impact type="normal"> <p> If an administrative group called AdminGroup existed an attacker could create a user called AdminGroup and gain the privileges of the group AdminGroup. This could lead to unauthorized users gaining administrative access. </p> </impact> <workaround> <p> For every administrative group with special privileges create a user with the same name as the group. </p> </workaround> <resolution> <p> All users should upgrade to the latest available version of MoinMoin, as follows: </p> <code> # emerge sync # emerge -pv ">=www-apps/moinmoin-1.2.2" # emerge ">=www-apps/moinmoin-1.2.2"</code> </resolution> <references> <uri link="https://sourceforge.net/tracker/index.php?func=detail&aid=948103&group_id=8482&atid=108482">MoinMoin Announcement</uri> <uri link="http://www.osvdb.org/6704">OSVDB Entry</uri> <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0708">CVE-2004-0708</uri> </references> <metadata tag="submitter"> jaervosz </metadata> </glsa>