Some time ago, the security mailing lists carried a notice about a vulnerability in the moin-moin wiki project which allows an attacker to obtain the rights of the local user under which moin-moin runs. Anyone who reads such lists knows that messages like this appear quite often (not about moin-moin in particular, but "in general") and do not attract any special interest. Found, fixed, updated, forgotten.
With this moin-moin vulnerability, however, the situation turned out to be worse.
At the moment there are already two major victims: the Debian wiki and the Python wiki (currently taken offline). Details on the extent of the Python compromise are not yet known, while Debian has published a report: e-mail addresses and salted password hashes were stolen.
Who else?
moin-moin is used by: Apache (including for Tomcat), Ubuntu, Mercurial, Bazaar, CAcert.org, Wireshark, Squid, CouchDB, SpamAssassin, GNOME Live, Wine, X.org, GRUB, CentOS, Arch, FreeBSD, OpenWrt, freedesktop.org, GCC, Dropbox ...
How many of them have already been updated?
Vulnerability description
The vulnerability itself is nothing interesting: an executable file is uploaded to the server and then executed. Description: CVE-2012-6081.
Python wiki
As bliznezz tells me, the mailing list says that, unlike the Debian wiki, the attacker here simply (most likely after first downloading all the data of interest) deleted all the information the moin account had access to, including the Python and Jython wikis.