What is the severity of CVE-2008-0782?

CVE-2008-0782 is classified as a high severity vulnerability due to the potential for remote attackers to exploit directory traversal to overwrite arbitrary files.

How do I fix CVE-2008-0782?

To fix CVE-2008-0782, upgrade MoinMoin to version 1.5.9 or later, which addresses this vulnerability.

What versions of MoinMoin are affected by CVE-2008-0782?

CVE-2008-0782 affects MoinMoin versions 1.5.8 and earlier, including various 0.x versions.

What types of attacks can be performed using CVE-2008-0782?

Attackers can leverage CVE-2008-0782 for directory traversal attacks, potentially leading to file overwriting and even PHP code execution.

Is there a workaround for CVE-2008-0782 if I cannot update immediately?

As a temporary workaround for CVE-2008-0782, you can restrict file permissions on the server to limit the impact of potential exploits.

Vulnerability/
CVE-2008-0782

medium

CWE

14/2/2008

1/5/2022

7/8/2024

CVE-2008-0782: Path Traversal

First published: Thu Feb 14 2008(Updated: )

Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the MOIN_ID user ID in a cookie for a userform action. NOTE: this issue can be leveraged for PHP code execution via the quicklinks parameter.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
pip/moin	<=1.5.8
Mastodon	=0.1
Mastodon	=0.2
Mastodon	=0.3
Mastodon	=0.7
Mastodon	=0.8
Mastodon	=0.9
Mastodon	=0.10
Mastodon	=0.11
Mastodon	=1.0
Mastodon	=1.1
Mastodon	=1.2
Mastodon	=1.2.1
Mastodon	=1.2.2
Mastodon	=1.5.0
Mastodon	=1.5.1
Mastodon	=1.5.2
Mastodon	=1.5.3
Mastodon	=1.5.3_rc1
Mastodon	=1.5.3_rc2
Mastodon	=1.5.4
Mastodon	=1.5.5
Mastodon	=1.5.5_rc1
Mastodon	=1.5.5a
Mastodon	=1.5.6
Mastodon	=1.5.7
Mastodon	=1.5.8

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-0782?
CVE-2008-0782 is classified as a high severity vulnerability due to the potential for remote attackers to exploit directory traversal to overwrite arbitrary files.
How do I fix CVE-2008-0782?
To fix CVE-2008-0782, upgrade MoinMoin to version 1.5.9 or later, which addresses this vulnerability.
What versions of MoinMoin are affected by CVE-2008-0782?
CVE-2008-0782 affects MoinMoin versions 1.5.8 and earlier, including various 0.x versions.
What types of attacks can be performed using CVE-2008-0782?
Attackers can leverage CVE-2008-0782 for directory traversal attacks, potentially leading to file overwriting and even PHP code execution.
Is there a workaround for CVE-2008-0782 if I cannot update immediately?
As a temporary workaround for CVE-2008-0782, you can restrict file permissions on the server to limit the impact of potential exploits.

agent/type
collector/github-advisory-latest
source/GitHub
alias/GHSA-6766-r2rx-mfw9
alias/CVE-2008-0782
agent/software-canonical-lookup
agent/severity
agent/weakness
agent/references
agent/description
agent/author
collector/github-advisory
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/trending
agent/source
agent/tags
agent/softwarecombine
collector/nvd-cve
source/NVD
agent/software-canonical-lookup-request
collector/nvd-historical
collector/nvd-index
package-manager/pip
vendor/moinmoin
canonical/mastodon
version/mastodon/0.1
version/mastodon/0.2
version/mastodon/0.3
version/mastodon/0.7
version/mastodon/0.8
version/mastodon/0.9
version/mastodon/0.10
version/mastodon/0.11
version/mastodon/1.0
version/mastodon/1.1
version/mastodon/1.2
version/mastodon/1.2.1
version/mastodon/1.2.2
version/mastodon/1.5.0
version/mastodon/1.5.1
version/mastodon/1.5.2
version/mastodon/1.5.3
version/mastodon/1.5.3_rc1
version/mastodon/1.5.3_rc2
version/mastodon/1.5.4
version/mastodon/1.5.5
version/mastodon/1.5.5_rc1
version/mastodon/1.5.5a
version/mastodon/1.5.6
version/mastodon/1.5.7
version/mastodon/1.5.8