CVE-2008-6549 Information

Description

The password_checker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe which allows remote attackers to cause a denial of service (segmentation fault and crash) via unknown vectors.

Reference

http://hg.moinmo.in/moin/1.6/rev/35ff7a9b1546 http://moinmo.in/SecurityFixes http://osvdb.org/48876