17 matches found
EUVD-2004-0096
Malware in sbrugna...
EUVD-2003-0963
Malware in sbrugna...
mod_python vulnerable to information disclosure via crafted URL
Overview The Apache modpython module is vulnerable to unintended remote information disclosure using specially crafted URLs. Description From the modpython web page:Modpython is an Apache module that embeds the Python interpreter within the server. With modpython you can write web-based...
GLSA-200502-14 : mod_python: Publisher Handler vulnerability
The remote host is affected by the vulnerability described in GLSA-200502-14 modpython: Publisher Handler vulnerability Graham Dumpleton discovered a vulnerability in modpython's Publisher Handler. Impact : By requesting a specially crafted URL for a published module page, an attacker could obtai...
mod_python: Publisher Handler vulnerability
Background modpython is an Apache module that embeds the Python interpreter within the server allowing Python-based web-applications to be created. Description Graham Dumpleton discovered a vulnerability in modpython's Publisher Handler. Impact By requesting a specially crafted URL for a publishe...
USN-80-1: mod_python vulnerability
Graham Dumpleton discovered an information disclosure in the "publisher" handle of modpython. By requesting a carefully crafted URL for a published module page, anybody can obtain extra information about internal variables, objects, and other information which is not intended to be visible...
Fedora Core 3 : mod_python-3.1.3-5.2 (2005-140)
Graham Dumpleton discovered a flaw affecting the publisher handler of modpython, used to make objects inside modules callable via URL. A remote user could visit a carefully crafted URL that would gain access to objects that should not be visible, leading to an information leak. The Common...
Fedora Core 2 : mod_python-3.1.3-1.fc2.2 (2005-139)
Graham Dumpleton discovered a flaw affecting the publisher handler of modpython, used to make objects inside modules callable via URL. A remote user could visit a carefully crafted URL that would gain access to objects that should not be visible, leading to an information leak. The Common...
mod_python -- information leakage vulnerability
Mark J Cox reports: Graham Dumpleton discovered a flaw which can affect anyone using the publisher handle of the Apache Software Foundation modpython. The publisher handle lets you publish objects inside modules to make them callable via URL. The flaw allows a carefully crafted URL to obtain extr...
CVE-2004-2680
modpython libapache2-mod-python 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory...
CVE-2004-0096
Unknown vulnerability in modpython 2.7.9 allows remote attackers to cause a denial of service httpd crash via a certain query string, a variant of CAN-2003-0973...
CVE-2004-0096
Unknown vulnerability in modpython 2.7.9 allows remote attackers to cause a denial of service httpd crash via a certain query string, a variant of CAN-2003-0973...
Apache mod_python Denial of Service vulnerability
Background Modpython is an Apache module that embeds the Python interpreter within the server allowing Python-based web-applications to be created. Description The Apache Foundation has reported that modpython may be prone to Denial of Service attacks when handling a malformed query. Modpython...
CVE-2003-0973
Unknown vulnerability in modpython 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service httpd crash via a certain query string...
mod_python denial-of-service vulnerability in parse_qs
An attacker may cause Apache with modpython to crash by using a specially constructed query string...
CVE-2002-0185
modpython version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module...
mod_python < 2.7.8 Module Importing Privilege Function Execution
The remote host is using the Apache modpython module which is version 2.7.6 or older. These versions allow a module which is indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module...