The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2009-0008 | The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors. |
![]() |
GHSA-wjjc-m3fc-fcm8 | MoinMoin Denial of Service vulnerability via password_checker function |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-09-17T00:46:49.608Z
Reserved: 2009-03-29T00:00:00Z
Link: CVE-2008-6549

No data.

Status : Deferred
Published: 2009-03-30T01:30:00.517
Modified: 2025-04-09T00:30:58.490
Link: CVE-2008-6549

No data.

No data.