The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote malicious users to cause a denial of service (segmentation fault and crash) via unknown vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moinmo moinmoin 1.6.1 |