High severityNVD Advisory· Published Mar 30, 2009· Updated Jun 16, 2026
CVE-2008-6549
CVE-2008-6549
Description
The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
moinPyPI | < 1.6.1 | 1.6.1 |
Affected products
3- osv-coords2 versions
< 1.6.2-1+ 1 more
- (no CPE)range: < 1.6.2-1
- (no CPE)range: < 1.6.1
Patches
Vulnerability mechanics
References
8- hg.moinmo.in/moin/1.6/rev/35ff7a9b1546nvdExploit
- moinmo.in/SecurityFixesnvdVendor Advisory
- github.com/advisories/GHSA-wjjc-m3fc-fcm8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2008-6549ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2009-12.yamlghsaWEB
- web.archive.org/web/20080410051007/http://moinmo.in/SecurityFixesghsaWEB
- web.archive.org/web/20211206185024/http://hg.moinmo.in/moin/1.6/rev/35ff7a9b1546ghsaWEB
- osvdb.org/48876nvd
News mentions
0No linked articles in our index yet.