Fedora 11 : moin-1.8.7-2.fc11 (2010-6012)

This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

- Sat Apr 3 2010 Ville-Pekka Vainio <vpivaini AT
cs.helsinki.fi> - 1.8.7-2

- Fixes CVE-2010-0828 (rhbz#578801)

- Thu Feb 18 2010 Ville-Pekka Vainio <vpivaini AT
cs.helsinki.fi> - 1.8.7-1

- Fixed major security issues in miscellaneous parts of
moin

-
http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANG
ES

- http://secunia.com/advisories/38444/

- Fixes rhbz#565604

- Mon Dec 28 2009 Ville-Pekka Vainio <vpivaini AT
cs.helsinki.fi> - 1.8.6-1

- 1.8.6, mostly bug fixes

-
http://hg.moinmo.in/moin/1.8/raw-file/1.8.6/docs/CHANG
ES

- Tue Sep 15 2009 Ville-Pekka Vainio <vpivaini AT
cs.helsinki.fi> - 1.8.5-1

- 1.8.5

- Includes multiple bug fixes, a new FCKeditor version
and some new features

-
http://hg.moinmo.in/moin/1.8/raw-file/1.8.5/docs/CHANG
ES

- Sat Jul 25 2009 Fedora Release Engineering <rel-eng at
lists.fedoraproject.org> - 1.8.4-3

- Rebuilt for
https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

- Sun Jul 12 2009 Ville-Pekka Vainio <vpivaini AT
cs.helsinki.fi> 1.8.4-2

- Remove the filemanager directory from the embedded
FCKeditor, it contains code with know security
vulnerabilities, even though that code couldn't be
invoked when moin was used with the default settings.

- Fixes rhbz #509924, related to CVE-2009-2265

- Sat Jun 13 2009 Ville-Pekka Vainio <vpivaini AT
cs.helsinki.fi> 1.8.4-1

- Update to 1.8.4, http://moinmo.in/MoinMoinRelease1.8
has a list of changes.

- Includes a security fix for hierarchical ACL (not the
default mode), http://moinmo.in/SecurityFixes has the
details.

- Drop previous security patches, those are not needed
anymore.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://hg.moinmo.in/moin/1.8/raw-file/1.8.5/docs/CHANGES
http://hg.moinmo.in/moin/1.8/raw-file/1.8.6/docs/CHANGES
http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES
http://moinmo.in/MoinMoinRelease1.8
http://moinmo.in/SecurityFixes
https://bugzilla.redhat.com/show_bug.cgi?id=578801
https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
http://www.nessus.org/u?b1ebc367

Solution :

Update the affected moin package.

Risk factor :

Low / CVSS Base Score : 3.5
(CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N)
CVSS Temporal Score : 2.9
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Fedora Local Security Checks

Nessus Plugin ID: 47409 (fedora_2010-6012.nasl)

Bugtraq ID: 39110

CVE ID: CVE-2010-0828

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now