FreeBSD : moinmoin -- ACL group bypass (1ecf4ca1-f7ad-11d8-96c9-00061bc2ad93)
Critical Nessus Plugin ID 38135
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionThe moinmoin package contains two bugs with ACLs and anonymous users.
Both bugs may permit anonymous users to gain access to administrative functions; for example the delete function.
There is no known workaround, the vulnerability exists regardless if a site is using ACLs or not.
SolutionUpdate the affected package.