Re: [Python-Dev] FYI - wiki.python.org compromised

Robert Whitney wrote:
> To Whoever this may concern,
>
> I believe the exploit in use on the Python Wiki could have been the following remote arbitrary code execution exploit that myself and some fellow researchers have been working with over the past few days. I'm not sure if this has quite been reported to the Moin development team, however this exploit would be triggered via a URL much like the following: http://wiki.python.org/WikiSandBox?action=moinexec&c=uname%20-a
Did you check the MoinMoin security fixes page? http://moinmo.in/SecurityFixes What you describe is mentioned as "remote code execution vulnerability in twikidraw/anywikidraw action CVE-2012-6081".
> This URL of course would cause for the page to output the contents of the command "uname -a". I think this is definitely worth your researchers looking into, and please be sure to credit myself (Robert 'xnite' Whitney; http://xnite.org) for finding & reporting this vulnerability.
Have you discovered anything beyond the findings of the referenced, reported vulnerability, or any of those mentioned in the Debian advisory? http://www.debian.org/security/2012/dsa-2593 If so, I'm sure that the MoinMoin developers would be interested in working with you to responsibly mitigate the impact of any deployed, vulnerable code.

Paul

P.S. Although I don't speak for the MoinMoin developers in any way, please be advised that any replies to me may be shared with those developers and indeed any other parties I choose.
Paul Boddie
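For an operator who runs a MoinMoin instance and wants to know whether requests like the one quoted above have hit their server, the practical first step is to scan the web server's access log for the action names involved. The script below is an added example and is not code from this thread, from MoinMoin, or from the python.org admins. It assumes an Apache-style "combined" access-log layout and uses constructed sample lines; the watched action names come from the thread itself (the reporter's `action=moinexec` URL and the twikidraw/anywikidraw actions named in the CVE-2012-6081 entry), and any other action you add to the watchlist is your own choice.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Action names taken from the thread: the reporter's example URL carries
# action=moinexec, and the MoinMoin SecurityFixes entry for CVE-2012-6081
# names the twikidraw/anywikidraw actions. Extend this set for your own
# deployment; the thread itself names nothing else.
WATCHED_ACTIONS = {"moinexec", "twikidraw", "anywikidraw"}

# Apache/nginx "combined" access-log layout (assumed; adjust to your format).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

# Constructed sample log lines for illustration; not real wiki.python.org traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [28/Dec/2012:10:01:02 +0000] "GET /WikiSandBox HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.5 - - [28/Dec/2012:10:01:09 +0000] "GET /WikiSandBox?action=moinexec&c=uname%20-a HTTP/1.1" 200 312 "-" "curl/7.26.0"
198.51.100.7 - - [28/Dec/2012:10:02:30 +0000] "GET /FrontPage?action=edit HTTP/1.1" 200 8200 "-" "Mozilla/5.0"
198.51.100.7 - - [28/Dec/2012:10:03:41 +0000] "POST /WikiSandBox?action=AnyWikiDraw HTTP/1.1" 200 0 "-" "python-requests/1.0"
"""


def parse_request(line):
    """Split one access-log line into its request fields, or return None."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    parts = urlsplit(m.group("target"))
    # parse_qs percent-decodes values, so c=uname%20-a arrives as "uname -a".
    query = parse_qs(parts.query, keep_blank_values=True)
    return {
        "ip": m.group("ip"),
        "timestamp": m.group("ts"),
        "method": m.group("method"),
        "path": parts.path,
        "params": {k: v[0] for k, v in query.items()},
        "status": int(m.group("status")),
    }


def scan(log_text):
    """Return one finding per request whose ?action= names a watched action."""
    findings = []
    for line in log_text.splitlines():
        req = parse_request(line)
        if req is None:
            continue
        action = req["params"].get("action", "")
        # Compared case-insensitively so capitalisation variants are not missed.
        if action.lower() not in WATCHED_ACTIONS:
            continue
        findings.append({
            "ip": req["ip"],
            "timestamp": req["timestamp"],
            "action": action,
            "status": req["status"],
            "path": req["path"],
            # Remaining parameters, e.g. the decoded "c" value from the reporter's URL.
            "params": {k: v for k, v in req["params"].items() if k != "action"},
        })
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f['timestamp']} {f['ip']} action={f['action']} "
              f"status={f['status']} params={f['params']}")
```

Run it against a real log with `scan(open("access.log").read())`; each finding keeps the source IP, the HTTP status (a 200 on a watched action is worth a closer look) and the remaining query parameters, so the `c=` value from the reporter's URL surfaces already decoded. A watchlist like this only catches what it names; the durable fix is the patched MoinMoin release referenced on the SecurityFixes page and in DSA-2593.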