Lucene search

K

[email protected]NVD:CVE-2005-0089

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0089

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

6

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7

Confidence

Low

EPSS

0.128

Percentile

95.5%

The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote attackers to read or modify globals of the associated module, and possibly execute arbitrary code, via dotted attributes.

Affected configurations

Nvd

Node

pythonpythonRange<2.3.5

OR

pythonpythonMatch2.4.0

References

marc.info/?l=bugtraq&m=110746469728728&w=2

python.org/security/PSF-2005-001/patch-2.2.txt

secunia.com/advisories/14128

securitytracker.com/id?1013083

www.debian.org/security/2005/dsa-666

www.mandriva.com/security/advisories?name=MDKSA-2005:035

www.python.org/security/PSF-2005-001/

www.redhat.com/support/errata/RHSA-2005-108.html

www.securityfocus.com/bid/12437

www.trustix.org/errata/2005/0003/

exchange.xforce.ibmcloud.com/vulnerabilities/19217

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9811

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7

Confidence

Low

EPSS

0.128

Percentile

95.5%

Related for NVD:CVE-2005-0089

gentoo1 debian2 openvas9 freebsd1 cve1 redhat2 nessus7 ubuntu1 cvelist1 ubuntucve1 securityvulns1 osv1 cert1