CVE-2005-0088

CVE-2005-0088 affects mod_python 2.7.8 and earlier, where the publisher handler permits remote attackers to obtain access to restricted objects via a crafted URL. The CVSS v2 base metrics show a Network attack vector, Low attack complexity, No authentication, and a Partial impact on confidentiali...

CVE-2004-2680

CVE-2004-2680 affects mod_python (libapache2-mod-python) 3.1.4 and earlier. The root cause is improper handling of output filters when processing more than 16,384 bytes, causing filter.read to return portions of previously freed memory. Practical impact is a potential data exposure and instabilit...

CVE-2003-0973

The CVE-2003-0973 entry describes a denial-of-service in mod_python: affected versions are mod_python 3.0.x before 3.0.4 and 2.7.x before 2.7.9. A remote attacker can crash the Apache httpd by supplying a crafted query string. Public advisories (e.g., Debian DSA-452, Red Hat RHSA-2004:058, and re...

CVE-2004-0096

CVE-2004-0096 targets mod_python and is associated with a denial-of-service affecting Apache via a crafted query string. OpenVAS entries include CVE linkage (CVE-2004-0096) and note a 5.0 base score (AV:N/AC:L/Au:N/C:N/I:N/A:P); related CAN-2003-0973 is cited. The vulnerability is discussed in mu...

CVE-2002-0185

The CVE-2002-0185 issue affects Apache mod_python versions 2.7.6 and earlier, where a module indirectly imported by a published module can be accessed via the publisher, allowing remote attackers to call potentially dangerous functions from the imported module. The OpenVAS/NVD/CVE listings corrob...

CVE-2006-1095

The CVE-2006-1095 entry applies to Apache’s mod_python (FileSession object) and 3.2.7, where a directory traversal via a crafted session cookie can allow local code execution. Affected component: mod_python 3.2.7 for Apache (FileSession). Root cause: directory traversal in session handling. Impac...