PT-2013-1877 · Moinmoin · Moinmoin

Jamie Strandboge +1 · Published 2013-01-03 · Updated 2022-05-17 · CVE-2012-6081

CVSS v2.0: 6.0 (Medium)

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

MoinMoin versions prior to 1.9.6

Description

The issue allows remote authenticated users with write permissions to execute arbitrary code by uploading a file with an executable extension and then accessing it via a direct request to the file in an unspecified directory. It was exploited in the wild in July 2012. The vulnerabilities are in the twikidraw (action/twikidraw.py) and anywikidraw (action/anywikidraw.py) actions.

Recommendations

For versions prior to 1.9.6, update to version 1.9.6 or later to resolve the issue. As a temporary workaround, consider restricting write permissions or disabling the action/twikidraw.py and action/anywikidraw.py actions until a patch is applied. Avoid using these actions to upload files with executable extensions until the issue is resolved.

Exploit

Fix

Unrestricted File Upload

Weakness Enumeration

Related Identifiers

CVE-2012-6081
DSA-2593-1
GHSA-M2C4-JGMM-FVQ3
PYSEC-2013-6

Affected Products

Moinmoin