What is the severity of CVE-2010-0668?

The severity of CVE-2010-0668 is unknown as the impact and attack vectors are unspecified.

How do I fix CVE-2010-0668?

To fix CVE-2010-0668, upgrade MoinMoin to version 1.8.7 or greater if using versions 1.5.x to 1.7.x or to 1.9.2 or greater if using 1.9.x.

Which versions of MoinMoin are affected by CVE-2010-0668?

MoinMoin versions 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 are affected.

Can I be attacked if I have a non-empty superuser list with CVE-2010-0668?

Yes, having a non-empty superuser list may expose you to risks related to CVE-2010-0668.

Is the xmlrpc action related to CVE-2010-0668 vulnerabilities?

Yes, enabling the xmlrpc action in MoinMoin is one of the configurations that contributes to the vulnerability identified in CVE-2010-0668.

Vulnerability/
CVE-2010-0668

medium

6.8

CWE

1/2/2010

26/2/2010

2/5/2022

11/4/2025

CVE-2010-0668

First published: Mon Feb 01 2010(Updated: )

Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or OpenID configured.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
pip/moin	>=1.9<1.9.2	1.9.2
pip/moin	>=1.5<1.8.7	1.8.7
MoinMoin	=1.5.0
MoinMoin	=1.5.0-beta1
MoinMoin	=1.5.0-beta2
MoinMoin	=1.5.0-beta3
MoinMoin	=1.5.0-beta4
MoinMoin	=1.5.0-beta5
MoinMoin	=1.5.0-beta6
MoinMoin	=1.5.0-rc1
MoinMoin	=1.5.1
MoinMoin	=1.5.2
MoinMoin	=1.5.3
MoinMoin	=1.5.3-rc1
MoinMoin	=1.5.3-rc2
MoinMoin	=1.5.4
MoinMoin	=1.5.5
MoinMoin	=1.5.5-rc1
MoinMoin	=1.5.5a
MoinMoin	=1.5.6
MoinMoin	=1.5.7
MoinMoin	=1.5.8
MoinMoin	=1.6.0
MoinMoin	=1.6.0-beta1
MoinMoin	=1.6.0-beta2
MoinMoin	=1.6.0-rc1
MoinMoin	=1.6.0-rc2
MoinMoin	=1.6.1
MoinMoin	=1.6.2
MoinMoin	=1.6.3
MoinMoin	=1.6.4
MoinMoin	=1.7.0
MoinMoin	=1.7.0-beta1
MoinMoin	=1.7.0-beta2
MoinMoin	=1.7.0-rc1
MoinMoin	=1.7.0-rc2
MoinMoin	=1.7.0-rc3
MoinMoin	=1.7.1
MoinMoin	=1.7.2
MoinMoin	=1.7.3
MoinMoin	=1.8.0
MoinMoin	=1.8.1
MoinMoin	=1.8.2
MoinMoin	=1.8.3
MoinMoin	=1.8.4
MoinMoin	=1.8.6
MoinMoin	=1.9.0
MoinMoin	=1.9.1
	=1.5.0
	=1.5.0-beta1
	=1.5.0-beta2
	=1.5.0-beta3
	=1.5.0-beta4
	=1.5.0-beta5
	=1.5.0-beta6
	=1.5.0-rc1
	=1.5.1
	=1.5.2
	=1.5.3
	=1.5.3-rc1
	=1.5.3-rc2
	=1.5.4
	=1.5.5
	=1.5.5-rc1
	=1.5.5a
	=1.5.6
	=1.5.7
	=1.5.8
	=1.6.0
	=1.6.0-beta1
	=1.6.0-beta2
	=1.6.0-rc1
	=1.6.0-rc2
	=1.6.1
	=1.6.2
	=1.6.3
	=1.6.4
	=1.7.0
	=1.7.0-beta1
	=1.7.0-beta2
	=1.7.0-rc1
	=1.7.0-rc2
	=1.7.0-rc3
	=1.7.1
	=1.7.2
	=1.7.3
	=1.8.0
	=1.8.1
	=1.8.2
	=1.8.3
	=1.8.4
	=1.8.6
	=1.9.0
	=1.9.1

Remedy

http://www.securityfocus.com/bid/38023

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-0668?
The severity of CVE-2010-0668 is unknown as the impact and attack vectors are unspecified.
How do I fix CVE-2010-0668?
To fix CVE-2010-0668, upgrade MoinMoin to version 1.8.7 or greater if using versions 1.5.x to 1.7.x or to 1.9.2 or greater if using 1.9.x.
Which versions of MoinMoin are affected by CVE-2010-0668?
MoinMoin versions 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 are affected.
Can I be attacked if I have a non-empty superuser list with CVE-2010-0668?
Yes, having a non-empty superuser list may expose you to risks related to CVE-2010-0668.
Is the xmlrpc action related to CVE-2010-0668 vulnerabilities?
Yes, enabling the xmlrpc action in MoinMoin is one of the configurations that contributes to the vulnerability identified in CVE-2010-0668.

agent/type
agent/first-publish-date
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2010-0668
collector/redhat-cve
agent/remedy
agent/weakness
agent/description
agent/severity
agent/author
collector/mitre-cve
source/MITRE
agent/event
collector/github-advisory-latest
source/GitHub
alias/GHSA-574f-mh6m-c6qm
agent/software-canonical-lookup
agent/references
agent/last-modified-date
collector/github-advisory
agent/trending
agent/source
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-cve
source/NVD
collector/nvd-historical
agent/tags
agent/softwarecombine
collector/nvd-api
package-manager/pip
vendor/moinmo
canonical/moinmoin
version/moinmoin/1.5.0
version/moinmoin/1.5.0-beta1
version/moinmoin/1.5.0-beta2
version/moinmoin/1.5.0-beta3
version/moinmoin/1.5.0-beta4
version/moinmoin/1.5.0-beta5
version/moinmoin/1.5.0-beta6
version/moinmoin/1.5.0-rc1
version/moinmoin/1.5.1
version/moinmoin/1.5.2
version/moinmoin/1.5.3
version/moinmoin/1.5.3-rc1
version/moinmoin/1.5.3-rc2
version/moinmoin/1.5.4
version/moinmoin/1.5.5
version/moinmoin/1.5.5-rc1
version/moinmoin/1.5.5a
version/moinmoin/1.5.6
version/moinmoin/1.5.7
version/moinmoin/1.5.8
version/moinmoin/1.6.0
version/moinmoin/1.6.0-beta1
version/moinmoin/1.6.0-beta2
version/moinmoin/1.6.0-rc1
version/moinmoin/1.6.0-rc2
version/moinmoin/1.6.1
version/moinmoin/1.6.2
version/moinmoin/1.6.3
version/moinmoin/1.6.4
version/moinmoin/1.7.0
version/moinmoin/1.7.0-beta1
version/moinmoin/1.7.0-beta2
version/moinmoin/1.7.0-rc1
version/moinmoin/1.7.0-rc2
version/moinmoin/1.7.0-rc3
version/moinmoin/1.7.1
version/moinmoin/1.7.2
version/moinmoin/1.7.3
version/moinmoin/1.8.0
version/moinmoin/1.8.1
version/moinmoin/1.8.2
version/moinmoin/1.8.3
version/moinmoin/1.8.4
version/moinmoin/1.8.6
version/moinmoin/1.9.0
version/moinmoin/1.9.1