CVE-2010-0667 - Vulnerability Details - OpenCVE

MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00927.

Key SSVC decision points have not yet been added.

Vendors	Products
Moinmo	Moinmoin

Configuration 1 [-]

cpe:2.3:a:moinmo:moinmoin:1.9.0:*:*:*:*:*:*:*

No data.

No data.

References

Link	Providers
http://hg.moinmo.in/moin/1.9/raw-file/1.9.1/docs/CHANGES
http://hg.moinmo.in/moin/1.9/rev/04afdde50094
http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2
http://marc.info/?l=oss-security&m=126625972814888&w=2
http://marc.info/?l=oss-security&m=126676896601156&w=2
http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18
http://moinmo.in/SecurityFixes
http://secunia.com/advisories/38242
http://www.openwall.com/lists/oss-security/2010/01/21/6
http://www.openwall.com/lists/oss-security/2010/02/15/2
https://www.cve.org/CVERecord?id=CVE-2010-0667

History

Wed, 28 May 2025 14:45:00 +0000

Type	Values Removed	Values Added
References		https://www.cve.org/CVERecord?id=CVE-2010-0667

Thu, 22 May 2025 04:45:00 +0000

Type	Values Removed	Values Added
References	https://nvd.nist.gov/vuln/detail/CVE-2010-0667 https://www.cve.org/CVERecord?id=CVE-2010-0667

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-02-26T19:00:00.000Z

Updated: 2024-09-17T03:07:34.891Z

Reserved: 2010-02-21T00:00:00.000Z

Link: CVE-2010-0667

Vulnrichment

No data.

NVD

Status : Modified

Published: 2010-02-26T19:30:00.463

Modified: 2026-04-29T01:13:23.040

Link: CVE-2010-0667

Redhat

Severity : Moderate

Publid Date: 2010-01-19T00:00:00Z

Links: CVE-2010-0667 - Bugzilla

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2010-02-26T19:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20100215 CVE Request -- MoinMoin -- 1.8.7", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2010/02/15/2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://moinmo.in/SecurityFixes"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://hg.moinmo.in/moin/1.9/rev/04afdde50094"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18"}, {"name": "[oss-security] 20100221 Re: CVE Request -- MoinMoin -- 1.8.7", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=oss-security&m=126676896601156&w=2"}, {"name": "[oss-security] 20100121 CVE request: MoinMoin information disclosure", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2010/01/21/6"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.1/docs/CHANGES"}, {"name": "[oss-security] 20100215 Re: CVE Request -- MoinMoin -- 1.8.7", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=oss-security&m=126625972814888&w=2"}, {"name": "38242", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/38242"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-0667", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20100215 CVE Request -- MoinMoin -- 1.8.7", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2010/02/15/2"}, {"name": "http://moinmo.in/SecurityFixes", "refsource": "CONFIRM", "url": "http://moinmo.in/SecurityFixes"}, {"name": "http://hg.moinmo.in/moin/1.9/rev/04afdde50094", "refsource": "CONFIRM", "url": "http://hg.moinmo.in/moin/1.9/rev/04afdde50094"}, {"name": "http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18", "refsource": "CONFIRM", "url": "http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18"}, {"name": "[oss-security] 20100221 Re: CVE Request -- MoinMoin -- 1.8.7", "refsource": "MLIST", "url": "http://marc.info/?l=oss-security&m=126676896601156&w=2"}, {"name": "[oss-security] 20100121 CVE request: MoinMoin information disclosure", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2010/01/21/6"}, {"name": "http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2", "refsource": "CONFIRM", "url": "http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2"}, {"name": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.1/docs/CHANGES", "refsource": "CONFIRM", "url": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.1/docs/CHANGES"}, {"name": "[oss-security] 20100215 Re: CVE Request -- MoinMoin -- 1.8.7", "refsource": "MLIST", "url": "http://marc.info/?l=oss-security&m=126625972814888&w=2"}, {"name": "38242", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38242"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:59:38.313Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20100215 CVE Request -- MoinMoin -- 1.8.7", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2010/02/15/2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://moinmo.in/SecurityFixes"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://hg.moinmo.in/moin/1.9/rev/04afdde50094"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18"}, {"name": "[oss-security] 20100221 Re: CVE Request -- MoinMoin -- 1.8.7", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=oss-security&m=126676896601156&w=2"}, {"name": "[oss-security] 20100121 CVE request: MoinMoin information disclosure", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2010/01/21/6"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.1/docs/CHANGES"}, {"name": "[oss-security] 20100215 Re: CVE Request -- MoinMoin -- 1.8.7", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=oss-security&m=126625972814888&w=2"}, {"name": "38242", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/38242"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-0667", "datePublished": "2010-02-26T19:00:00.000Z", "dateReserved": "2010-02-21T00:00:00.000Z", "dateUpdated": "2024-09-17T03:07:34.891Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:moinmo:moinmoin:1.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "BAA73028-4193-49E9-B017-F1F27075FDDE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors."}, {"lang": "es", "value": "MoinMoin v1.9 anteriores v1.9.1 no realiza de la forma esperada la limpieza del array sys.argv en situaciones donde la variable de entorno GATEWAY_INTERFACE recibe valor, lo que permite a atacantes remotos conseguir informaci\u00f3n sensible a trav\u00e9s de vectores no especificados."}], "id": "CVE-2010-0667", "lastModified": "2026-04-29T01:13:23.040", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-02-26T19:30:00.463", "references": [{"source": "cve@mitre.org", "url": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.1/docs/CHANGES"}, {"source": "cve@mitre.org", "url": "http://hg.moinmo.in/moin/1.9/rev/04afdde50094"}, {"source": "cve@mitre.org", "url": "http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=oss-security&m=126625972814888&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=oss-security&m=126676896601156&w=2"}, {"source": "cve@mitre.org", "url": "http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://moinmo.in/SecurityFixes"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/38242"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2010/01/21/6"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2010/02/15/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.1/docs/CHANGES"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://hg.moinmo.in/moin/1.9/rev/04afdde50094"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security&m=126625972814888&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=oss-security&m=126676896601156&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://moinmo.in/SecurityFixes"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/38242"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2010/01/21/6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2010/02/15/2"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}