Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
12 vulnerabilities found for mod_python by apache
CVE-2004-2680 (GCVE-0-2004-2680)
Vulnerability from cvelistv5 – Published: 2007-03-04 23:00 – Updated: 2024-08-08 01:36
VLAI?
Summary
mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
Date Public ?
2004-04-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:25.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24424"
},
{
"name": "USN-430-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-430-1"
},
{
"name": "[httpd-python-dev] 20040416 patch for filterobject.c",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cEB279100-9000-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"name": "20070307 rPSA-2007-0051-1 mod_python",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/462185/100/0/threaded"
},
{
"name": "[httpd-python-dev] 20040416 Re: possible bug in filter.write()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3c6DCA8C14-8FFA-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"name": "ADV-2007-0846",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0846"
},
{
"name": "[httpd-python-dev] 20040416 possible bug in filter.write()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cCD485B27-8F3E-11D8-934B-000A95B0D772%40pixar.com%3e"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://launchpad.net/bugs/89308"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1105"
},
{
"name": "24418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24418"
},
{
"name": "22849",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22849"
},
{
"name": "modpython-outputfilter-info-disclosure(14751)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14751"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "24424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24424"
},
{
"name": "USN-430-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-430-1"
},
{
"name": "[httpd-python-dev] 20040416 patch for filterobject.c",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cEB279100-9000-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"name": "20070307 rPSA-2007-0051-1 mod_python",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/462185/100/0/threaded"
},
{
"name": "[httpd-python-dev] 20040416 Re: possible bug in filter.write()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3c6DCA8C14-8FFA-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"name": "ADV-2007-0846",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0846"
},
{
"name": "[httpd-python-dev] 20040416 possible bug in filter.write()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cCD485B27-8F3E-11D8-934B-000A95B0D772%40pixar.com%3e"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://launchpad.net/bugs/89308"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1105"
},
{
"name": "24418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24418"
},
{
"name": "22849",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22849"
},
{
"name": "modpython-outputfilter-info-disclosure(14751)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14751"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2004-2680",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24424",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24424"
},
{
"name": "USN-430-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-430-1"
},
{
"name": "[httpd-python-dev] 20040416 patch for filterobject.c",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cEB279100-9000-11D8-8B4E-000A95B0D772@pixar.com%3e"
},
{
"name": "20070307 rPSA-2007-0051-1 mod_python",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/462185/100/0/threaded"
},
{
"name": "[httpd-python-dev] 20040416 Re: possible bug in filter.write()",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3c6DCA8C14-8FFA-11D8-8B4E-000A95B0D772@pixar.com%3e"
},
{
"name": "ADV-2007-0846",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0846"
},
{
"name": "[httpd-python-dev] 20040416 possible bug in filter.write()",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cCD485B27-8F3E-11D8-934B-000A95B0D772@pixar.com%3e"
},
{
"name": "https://launchpad.net/bugs/89308",
"refsource": "CONFIRM",
"url": "https://launchpad.net/bugs/89308"
},
{
"name": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561"
},
{
"name": "https://issues.rpath.com/browse/RPL-1105",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1105"
},
{
"name": "24418",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24418"
},
{
"name": "22849",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22849"
},
{
"name": "modpython-outputfilter-info-disclosure(14751)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14751"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2004-2680",
"datePublished": "2007-03-04T23:00:00.000Z",
"dateReserved": "2007-03-04T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:36:25.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1095 (GCVE-0-2006-1095)
Vulnerability from cvelistv5 – Published: 2006-03-09 11:00 – Updated: 2024-08-07 16:56
VLAI?
Summary
Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2006-02-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:56:15.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.modpython.org/fs_sec_warn.html"
},
{
"name": "16916",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16916"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cgisecurity.com/2006/02/07"
},
{
"name": "ADV-2006-0768",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0768"
},
{
"name": "19239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19239"
},
{
"name": "modpython-filesession-command-execution(24965)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24965"
},
{
"name": "1015764",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015764"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.modpython.org/fs_sec_warn.html"
},
{
"name": "16916",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16916"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cgisecurity.com/2006/02/07"
},
{
"name": "ADV-2006-0768",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0768"
},
{
"name": "19239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19239"
},
{
"name": "modpython-filesession-command-execution(24965)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24965"
},
{
"name": "1015764",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015764"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.modpython.org/fs_sec_warn.html",
"refsource": "CONFIRM",
"url": "http://www.modpython.org/fs_sec_warn.html"
},
{
"name": "16916",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16916"
},
{
"name": "http://www.cgisecurity.com/2006/02/07",
"refsource": "MISC",
"url": "http://www.cgisecurity.com/2006/02/07"
},
{
"name": "ADV-2006-0768",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0768"
},
{
"name": "19239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19239"
},
{
"name": "modpython-filesession-command-execution(24965)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24965"
},
{
"name": "1015764",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015764"
},
{
"name": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1095",
"datePublished": "2006-03-09T11:00:00.000Z",
"dateReserved": "2006-03-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:56:15.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0088 (GCVE-0-2005-0088)
Vulnerability from cvelistv5 – Published: 2005-02-10 05:00 – Updated: 2024-08-07 20:57
VLAI?
Summary
The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
Date Public ?
2005-02-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:57:41.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2005:104",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-104.html"
},
{
"name": "GLSA-200502-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200502-14.xml"
},
{
"name": "2005-0003",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"name": "FLSA:152896",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/430286/100/0/threaded"
},
{
"name": "1013156",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013156"
},
{
"name": "20050211 [USN-80-1] mod_python vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110815313218389\u0026w=2"
},
{
"name": "CLA-2005:926",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000926"
},
{
"name": "12519",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12519"
},
{
"name": "DSA-689",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-689"
},
{
"name": "RHSA-2005:100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-100.html"
},
{
"name": "VU#356409",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/356409"
},
{
"name": "oval:org.mitre.oval:def:10617",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10617"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2005:104",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-104.html"
},
{
"name": "GLSA-200502-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200502-14.xml"
},
{
"name": "2005-0003",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"name": "FLSA:152896",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/430286/100/0/threaded"
},
{
"name": "1013156",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013156"
},
{
"name": "20050211 [USN-80-1] mod_python vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110815313218389\u0026w=2"
},
{
"name": "CLA-2005:926",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000926"
},
{
"name": "12519",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12519"
},
{
"name": "DSA-689",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-689"
},
{
"name": "RHSA-2005:100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-100.html"
},
{
"name": "VU#356409",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/356409"
},
{
"name": "oval:org.mitre.oval:def:10617",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10617"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0088",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2005:104",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-104.html"
},
{
"name": "GLSA-200502-14",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200502-14.xml"
},
{
"name": "2005-0003",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"name": "FLSA:152896",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/430286/100/0/threaded"
},
{
"name": "1013156",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013156"
},
{
"name": "20050211 [USN-80-1] mod_python vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110815313218389\u0026w=2"
},
{
"name": "CLA-2005:926",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000926"
},
{
"name": "12519",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12519"
},
{
"name": "DSA-689",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-689"
},
{
"name": "RHSA-2005:100",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-100.html"
},
{
"name": "VU#356409",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/356409"
},
{
"name": "oval:org.mitre.oval:def:10617",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10617"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0088",
"datePublished": "2005-02-10T05:00:00.000Z",
"dateReserved": "2005-01-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:57:41.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0096 (GCVE-0-2004-0096)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:10
VLAI?
Summary
Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2004-01-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:04.077Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2004:058",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "RHSA-2004:063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
},
{
"name": "GLSA-200401-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-03.xml"
},
{
"name": "[mod_python] 20040122 [ANNOUNCE] Mod_python 2.7.10",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.modpython.org/pipermail/mod_python/2004-January/014879.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-07-17T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2004:058",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "RHSA-2004:063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
},
{
"name": "GLSA-200401-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-03.xml"
},
{
"name": "[mod_python] 20040122 [ANNOUNCE] Mod_python 2.7.10",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.modpython.org/pipermail/mod_python/2004-January/014879.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2004:058",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "RHSA-2004:063",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
},
{
"name": "GLSA-200401-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200401-03.xml"
},
{
"name": "[mod_python] 20040122 [ANNOUNCE] Mod_python 2.7.10",
"refsource": "MLIST",
"url": "http://www.modpython.org/pipermail/mod_python/2004-January/014879.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0096",
"datePublished": "2004-09-01T04:00:00.000Z",
"dateReserved": "2004-01-26T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:10:04.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0973 (GCVE-0-2003-0973)
Vulnerability from cvelistv5 – Published: 2003-12-02 05:00 – Updated: 2024-08-08 02:12
VLAI?
Summary
Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Date Public ?
2003-11-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:35.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2004:058",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "FEDORA-2004-1325",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://bugzilla.fedora.us/show_bug.cgi?id=1325"
},
{
"name": "oval:org.mitre.oval:def:839",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A839"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html"
},
{
"name": "oval:org.mitre.oval:def:828",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A828"
},
{
"name": "oval:org.mitre.oval:def:10259",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10259"
},
{
"name": "CLA-2004:837",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000837"
},
{
"name": "DSA-452",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-452"
},
{
"name": "RHSA-2004:063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-11-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2004:058",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "FEDORA-2004-1325",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://bugzilla.fedora.us/show_bug.cgi?id=1325"
},
{
"name": "oval:org.mitre.oval:def:839",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A839"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html"
},
{
"name": "oval:org.mitre.oval:def:828",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A828"
},
{
"name": "oval:org.mitre.oval:def:10259",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10259"
},
{
"name": "CLA-2004:837",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000837"
},
{
"name": "DSA-452",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-452"
},
{
"name": "RHSA-2004:063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0973",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2004:058",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "FEDORA-2004-1325",
"refsource": "FEDORA",
"url": "http://bugzilla.fedora.us/show_bug.cgi?id=1325"
},
{
"name": "oval:org.mitre.oval:def:839",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A839"
},
{
"name": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html",
"refsource": "CONFIRM",
"url": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html"
},
{
"name": "oval:org.mitre.oval:def:828",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A828"
},
{
"name": "oval:org.mitre.oval:def:10259",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10259"
},
{
"name": "CLA-2004:837",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000837"
},
{
"name": "DSA-452",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-452"
},
{
"name": "RHSA-2004:063",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0973",
"datePublished": "2003-12-02T05:00:00.000Z",
"dateReserved": "2003-12-01T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:12:35.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0185 (GCVE-0-2002-0185)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:42
VLAI?
Summary
mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2002-04-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:42:28.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "modpython-imported-module-access(8997)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8997.php"
},
{
"name": "4656",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4656"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html"
},
{
"name": "RHSA-2002:070",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-070.html"
},
{
"name": "CLA-2002:477",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000477"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-04-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-20T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "modpython-imported-module-access(8997)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8997.php"
},
{
"name": "4656",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4656"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html"
},
{
"name": "RHSA-2002:070",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-070.html"
},
{
"name": "CLA-2002:477",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000477"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0185",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "modpython-imported-module-access(8997)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8997.php"
},
{
"name": "4656",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4656"
},
{
"name": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html",
"refsource": "MISC",
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html"
},
{
"name": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html",
"refsource": "MISC",
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html"
},
{
"name": "RHSA-2002:070",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-070.html"
},
{
"name": "CLA-2002:477",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000477"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0185",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-04-19T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:42:28.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1095 (GCVE-0-2006-1095)
Vulnerability from nvd – Published: 2006-03-09 11:00 – Updated: 2024-08-07 16:56
VLAI?
Summary
Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2006-02-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:56:15.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.modpython.org/fs_sec_warn.html"
},
{
"name": "16916",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16916"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cgisecurity.com/2006/02/07"
},
{
"name": "ADV-2006-0768",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0768"
},
{
"name": "19239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19239"
},
{
"name": "modpython-filesession-command-execution(24965)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24965"
},
{
"name": "1015764",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015764"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.modpython.org/fs_sec_warn.html"
},
{
"name": "16916",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16916"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cgisecurity.com/2006/02/07"
},
{
"name": "ADV-2006-0768",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0768"
},
{
"name": "19239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19239"
},
{
"name": "modpython-filesession-command-execution(24965)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24965"
},
{
"name": "1015764",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015764"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.modpython.org/fs_sec_warn.html",
"refsource": "CONFIRM",
"url": "http://www.modpython.org/fs_sec_warn.html"
},
{
"name": "16916",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16916"
},
{
"name": "http://www.cgisecurity.com/2006/02/07",
"refsource": "MISC",
"url": "http://www.cgisecurity.com/2006/02/07"
},
{
"name": "ADV-2006-0768",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0768"
},
{
"name": "19239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19239"
},
{
"name": "modpython-filesession-command-execution(24965)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24965"
},
{
"name": "1015764",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015764"
},
{
"name": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1095",
"datePublished": "2006-03-09T11:00:00.000Z",
"dateReserved": "2006-03-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:56:15.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0088 (GCVE-0-2005-0088)
Vulnerability from nvd – Published: 2005-02-10 05:00 – Updated: 2024-08-07 20:57
VLAI?
Summary
The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
Date Public ?
2005-02-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:57:41.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2005:104",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-104.html"
},
{
"name": "GLSA-200502-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200502-14.xml"
},
{
"name": "2005-0003",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"name": "FLSA:152896",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/430286/100/0/threaded"
},
{
"name": "1013156",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013156"
},
{
"name": "20050211 [USN-80-1] mod_python vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110815313218389\u0026w=2"
},
{
"name": "CLA-2005:926",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000926"
},
{
"name": "12519",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12519"
},
{
"name": "DSA-689",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-689"
},
{
"name": "RHSA-2005:100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-100.html"
},
{
"name": "VU#356409",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/356409"
},
{
"name": "oval:org.mitre.oval:def:10617",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10617"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2005:104",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-104.html"
},
{
"name": "GLSA-200502-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200502-14.xml"
},
{
"name": "2005-0003",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"name": "FLSA:152896",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/430286/100/0/threaded"
},
{
"name": "1013156",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013156"
},
{
"name": "20050211 [USN-80-1] mod_python vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110815313218389\u0026w=2"
},
{
"name": "CLA-2005:926",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000926"
},
{
"name": "12519",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12519"
},
{
"name": "DSA-689",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-689"
},
{
"name": "RHSA-2005:100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-100.html"
},
{
"name": "VU#356409",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/356409"
},
{
"name": "oval:org.mitre.oval:def:10617",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10617"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0088",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2005:104",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-104.html"
},
{
"name": "GLSA-200502-14",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200502-14.xml"
},
{
"name": "2005-0003",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"name": "FLSA:152896",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/430286/100/0/threaded"
},
{
"name": "1013156",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013156"
},
{
"name": "20050211 [USN-80-1] mod_python vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110815313218389\u0026w=2"
},
{
"name": "CLA-2005:926",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000926"
},
{
"name": "12519",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12519"
},
{
"name": "DSA-689",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-689"
},
{
"name": "RHSA-2005:100",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-100.html"
},
{
"name": "VU#356409",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/356409"
},
{
"name": "oval:org.mitre.oval:def:10617",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10617"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0088",
"datePublished": "2005-02-10T05:00:00.000Z",
"dateReserved": "2005-01-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:57:41.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2680 (GCVE-0-2004-2680)
Vulnerability from nvd – Published: 2007-03-04 23:00 – Updated: 2024-08-08 01:36
VLAI?
Summary
mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
Date Public ?
2004-04-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:25.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24424"
},
{
"name": "USN-430-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-430-1"
},
{
"name": "[httpd-python-dev] 20040416 patch for filterobject.c",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cEB279100-9000-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"name": "20070307 rPSA-2007-0051-1 mod_python",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/462185/100/0/threaded"
},
{
"name": "[httpd-python-dev] 20040416 Re: possible bug in filter.write()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3c6DCA8C14-8FFA-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"name": "ADV-2007-0846",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0846"
},
{
"name": "[httpd-python-dev] 20040416 possible bug in filter.write()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cCD485B27-8F3E-11D8-934B-000A95B0D772%40pixar.com%3e"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://launchpad.net/bugs/89308"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1105"
},
{
"name": "24418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24418"
},
{
"name": "22849",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22849"
},
{
"name": "modpython-outputfilter-info-disclosure(14751)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14751"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "24424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24424"
},
{
"name": "USN-430-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-430-1"
},
{
"name": "[httpd-python-dev] 20040416 patch for filterobject.c",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cEB279100-9000-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"name": "20070307 rPSA-2007-0051-1 mod_python",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/462185/100/0/threaded"
},
{
"name": "[httpd-python-dev] 20040416 Re: possible bug in filter.write()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3c6DCA8C14-8FFA-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"name": "ADV-2007-0846",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0846"
},
{
"name": "[httpd-python-dev] 20040416 possible bug in filter.write()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cCD485B27-8F3E-11D8-934B-000A95B0D772%40pixar.com%3e"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://launchpad.net/bugs/89308"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1105"
},
{
"name": "24418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24418"
},
{
"name": "22849",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22849"
},
{
"name": "modpython-outputfilter-info-disclosure(14751)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14751"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2004-2680",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24424",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24424"
},
{
"name": "USN-430-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-430-1"
},
{
"name": "[httpd-python-dev] 20040416 patch for filterobject.c",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cEB279100-9000-11D8-8B4E-000A95B0D772@pixar.com%3e"
},
{
"name": "20070307 rPSA-2007-0051-1 mod_python",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/462185/100/0/threaded"
},
{
"name": "[httpd-python-dev] 20040416 Re: possible bug in filter.write()",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3c6DCA8C14-8FFA-11D8-8B4E-000A95B0D772@pixar.com%3e"
},
{
"name": "ADV-2007-0846",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0846"
},
{
"name": "[httpd-python-dev] 20040416 possible bug in filter.write()",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cCD485B27-8F3E-11D8-934B-000A95B0D772@pixar.com%3e"
},
{
"name": "https://launchpad.net/bugs/89308",
"refsource": "CONFIRM",
"url": "https://launchpad.net/bugs/89308"
},
{
"name": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561"
},
{
"name": "https://issues.rpath.com/browse/RPL-1105",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1105"
},
{
"name": "24418",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24418"
},
{
"name": "22849",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22849"
},
{
"name": "modpython-outputfilter-info-disclosure(14751)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14751"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2004-2680",
"datePublished": "2007-03-04T23:00:00.000Z",
"dateReserved": "2007-03-04T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:36:25.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0096 (GCVE-0-2004-0096)
Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:10
VLAI?
Summary
Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2004-01-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:04.077Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2004:058",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "RHSA-2004:063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
},
{
"name": "GLSA-200401-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-03.xml"
},
{
"name": "[mod_python] 20040122 [ANNOUNCE] Mod_python 2.7.10",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.modpython.org/pipermail/mod_python/2004-January/014879.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-07-17T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2004:058",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "RHSA-2004:063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
},
{
"name": "GLSA-200401-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-03.xml"
},
{
"name": "[mod_python] 20040122 [ANNOUNCE] Mod_python 2.7.10",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.modpython.org/pipermail/mod_python/2004-January/014879.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2004:058",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "RHSA-2004:063",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
},
{
"name": "GLSA-200401-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200401-03.xml"
},
{
"name": "[mod_python] 20040122 [ANNOUNCE] Mod_python 2.7.10",
"refsource": "MLIST",
"url": "http://www.modpython.org/pipermail/mod_python/2004-January/014879.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0096",
"datePublished": "2004-09-01T04:00:00.000Z",
"dateReserved": "2004-01-26T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:10:04.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0973 (GCVE-0-2003-0973)
Vulnerability from nvd – Published: 2003-12-02 05:00 – Updated: 2024-08-08 02:12
VLAI?
Summary
Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Date Public ?
2003-11-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:35.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2004:058",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "FEDORA-2004-1325",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://bugzilla.fedora.us/show_bug.cgi?id=1325"
},
{
"name": "oval:org.mitre.oval:def:839",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A839"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html"
},
{
"name": "oval:org.mitre.oval:def:828",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A828"
},
{
"name": "oval:org.mitre.oval:def:10259",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10259"
},
{
"name": "CLA-2004:837",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000837"
},
{
"name": "DSA-452",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-452"
},
{
"name": "RHSA-2004:063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-11-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2004:058",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "FEDORA-2004-1325",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://bugzilla.fedora.us/show_bug.cgi?id=1325"
},
{
"name": "oval:org.mitre.oval:def:839",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A839"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html"
},
{
"name": "oval:org.mitre.oval:def:828",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A828"
},
{
"name": "oval:org.mitre.oval:def:10259",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10259"
},
{
"name": "CLA-2004:837",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000837"
},
{
"name": "DSA-452",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-452"
},
{
"name": "RHSA-2004:063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0973",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2004:058",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "FEDORA-2004-1325",
"refsource": "FEDORA",
"url": "http://bugzilla.fedora.us/show_bug.cgi?id=1325"
},
{
"name": "oval:org.mitre.oval:def:839",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A839"
},
{
"name": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html",
"refsource": "CONFIRM",
"url": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html"
},
{
"name": "oval:org.mitre.oval:def:828",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A828"
},
{
"name": "oval:org.mitre.oval:def:10259",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10259"
},
{
"name": "CLA-2004:837",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000837"
},
{
"name": "DSA-452",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-452"
},
{
"name": "RHSA-2004:063",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0973",
"datePublished": "2003-12-02T05:00:00.000Z",
"dateReserved": "2003-12-01T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:12:35.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0185 (GCVE-0-2002-0185)
Vulnerability from nvd – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:42
VLAI?
Summary
mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2002-04-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:42:28.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "modpython-imported-module-access(8997)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8997.php"
},
{
"name": "4656",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4656"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html"
},
{
"name": "RHSA-2002:070",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-070.html"
},
{
"name": "CLA-2002:477",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000477"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-04-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-20T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "modpython-imported-module-access(8997)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8997.php"
},
{
"name": "4656",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4656"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html"
},
{
"name": "RHSA-2002:070",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-070.html"
},
{
"name": "CLA-2002:477",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000477"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0185",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "modpython-imported-module-access(8997)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8997.php"
},
{
"name": "4656",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4656"
},
{
"name": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html",
"refsource": "MISC",
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html"
},
{
"name": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html",
"refsource": "MISC",
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html"
},
{
"name": "RHSA-2002:070",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-070.html"
},
{
"name": "CLA-2002:477",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000477"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0185",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-04-19T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:42:28.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}