GitHub Advisory DatabaseGHSA-76X8-GG39-5JJGCherryPy Malicious cookies allow access to files outside the session directory
6.9 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
82.7%
Directory traversal vulnerability in the _get_file_path function in (1) lib/sessions.py in CherryPy 3.0.x up to 3.0.2, (2) filter/sessionfilter.py in CherryPy 2.1, and (3) filter/sessionfilter.py in CherryPy 2.x allows remote attackers to create or delete arbitrary files, and possibly read and write portions of arbitrary files, via a crafted session id in a cookie.
References
secunia.com/advisories/28353
secunia.com/advisories/28354
secunia.com/advisories/28611
secunia.com/advisories/28620
secunia.com/advisories/28769
security.gentoo.org/glsa/glsa-200801-11.xml
www.cherrypy.org/changeset/1774
www.cherrypy.org/changeset/1775
www.cherrypy.org/changeset/1776
www.cherrypy.org/ticket/744
www.debian.org/security/2008/dsa-1481
www.securityfocus.com/archive/1/487001/100/0/threaded
www.securityfocus.com/bid/27181
www.vupen.com/english/advisories/2008/0039
bugs.gentoo.org/show_bug.cgi?id=204829
github.com/advisories/GHSA-76x8-gg39-5jjg
github.com/cherrypy/cherrypy/commit/37b856eba6f207231c691dae2e5b24e072f86664
issues.rpath.com/browse/RPL-2127
nvd.nist.gov/vuln/detail/CVE-2008-0252
www.redhat.com/archives/fedora-package-announce/2008-January/msg00240.html
www.redhat.com/archives/fedora-package-announce/2008-January/msg00297.html
Related
6.9 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
82.7%