MoinMoin: Group ACL bypass — GLSA 200407-09

MoinMoin contains a bug allowing a user to bypass group ACLs (Access Control Lists).

Affected packages

Package 	www-apps/moinmoin on all architectures
Affected versions 	<= 1.2.1
Unaffected versions 	>= 1.2.2

Background

MoinMoin is a Python clone of WikiWiki, based on PikiPiki.

Description

MoinMoin contains a bug in the code handling administrative group ACLs. A user created with the same name as an administrative group gains the privileges of the administrative group.

Impact

If an administrative group called AdminGroup existed an attacker could create a user called AdminGroup and gain the privileges of the group AdminGroup. This could lead to unauthorized users gaining administrative access.

Workaround

For every administrative group with special privileges create a user with the same name as the group.

Resolution

All users should upgrade to the latest available version of MoinMoin, as follows:

 # emerge sync
 
 # emerge -pv ">=www-apps/moinmoin-1.2.2"
 # emerge ">=www-apps/moinmoin-1.2.2"

References

    MoinMoin Announcement
    OSVDB Entry
    CVE-2004-0708