Test ID:	1.3.6.1.4.1.25623.1.0.63881
Category:	Fedora Local Security Checks
Title:	Fedora Core 10 FEDORA-2009-3868 (moin)
Summary:	The remote host is missing an update to moin;announced via advisory FEDORA-2009-3868.;Note: This VT has been deprecated and is therefore no longer functional.
Description:	Summary: The remote host is missing an update to moin announced via advisory FEDORA-2009-3868. Note: This VT has been deprecated and is therefore no longer functional. Vulnerability Insight: Update Information: Update moin to 1.6.4. Fix the following CVEs: CVE-2008-0781 (again), CVE-2008-3381, CVE-2009-0260, CVE-2009-0312. Fix AttachFile escaping problems, upstream 1.7 changeset 5f51246a4df1 backported. ChangeLog: * Mon Apr 20 2009 Ville-Pekka Vainio 1.6.4-1 - Update to 1.6.4 - CVE-2008-3381 fixed upstream - Re-fix CVE-2008-0781, upstream seems to have dropped the fix in 1.6, used part of upstream 1.5 db212dfc58ef, backported upstream 1.7 5f51246a4df1 and 269a1fbc3ed7 - Fix CVE-2009-0260, patch from Debian etch - Fix CVE-2009-0312 - Fix AttachFile escaping problems, backported upstream 1.7 5c4043e651b3 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update moin' at the command line. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0781 BugTraq ID: 27904 http://www.securityfocus.com/bid/27904 Debian Security Information: DSA-1514 (Google Search) http://www.debian.org/security/2008/dsa-1514 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00726.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00752.html http://www.gentoo.org/security/en/glsa/glsa-200803-27.xml http://secunia.com/advisories/28987 http://secunia.com/advisories/29010 http://secunia.com/advisories/29262 http://secunia.com/advisories/29444 http://secunia.com/advisories/33755 https://usn.ubuntu.com/716-1/ http://www.vupen.com/english/advisories/2008/0569/references Common Vulnerability Exposure (CVE) ID: CVE-2008-3381 BugTraq ID: 30297 http://www.securityfocus.com/bid/30297 http://secunia.com/advisories/31135 http://www.vupen.com/english/advisories/2008/2147/references XForce ISS Database: moinmoin-advancedsearch-xss(43899) https://exchange.xforce.ibmcloud.com/vulnerabilities/43899 Common Vulnerability Exposure (CVE) ID: CVE-2009-0260 BugTraq ID: 33365 http://www.securityfocus.com/bid/33365 Bugtraq: 20090120 MoinMoin Wiki Engine XSS Vulnerability (Google Search) http://www.securityfocus.com/archive/1/500197/100/0/threaded Debian Security Information: DSA-1715 (Google Search) https://www.debian.org/security/2009/dsa-1715 http://osvdb.org/51485 http://secunia.com/advisories/33593 http://secunia.com/advisories/33716 http://www.vupen.com/english/advisories/2009/0195 XForce ISS Database: moinmoin-attachfilepy-xss(48126) https://exchange.xforce.ibmcloud.com/vulnerabilities/48126 Common Vulnerability Exposure (CVE) ID: CVE-2009-0312 http://www.openwall.com/lists/oss-security/2009/01/27/4 http://osvdb.org/51632 XForce ISS Database: moinmoin-antispam-xss(48306) https://exchange.xforce.ibmcloud.com/vulnerabilities/48306
Copyright	Copyright (C) 2009 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.