Lucene search
UbuntuUSN-80-1HistoryFeb 11, 2005 - 12:00 a.m.
mod_python vulnerability
2005-02-1100:00:00
ubuntu.com
56
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
5.9
Confidence
Low
EPSS
0.003
Percentile
70.6%
Releases
- Ubuntu 4.10
Details
Graham Dumpleton discovered an information disclosure in the
“publisher” handle of mod_python. By requesting a carefully crafted
URL for a published module page, anybody can obtain extra information
about internal variables, objects, and other information which is not
intended to be visible.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 4.10 | noarch | libapache2-mod-python2.3 | < * | UNKNOWN |
| Ubuntu | 4.10 | noarch | libapache2-mod-python2.2 | < * | UNKNOWN |
References
Related
openvas
openvas
Gentoo Security Advisory GLSA 200502-14 (mod_python)
2008-09-24 00:00:00
SLES9: Security update for apache2-mod_python
2009-10-10 00:00:00
Debian Security Advisory DSA 689-1 (libapache-mod-python)
2008-01-17 00:00:00
nessus
nessus
RHEL 2.1 / 3 : mod_python (RHSA-2005:104)
2005-02-10 00:00:00
Debian DSA-689-1 : libapache-mod-python - missing input sanitizing
2005-02-23 00:00:00
Fedora Core 3 : mod_python-3.1.3-5.2 (2005-140)
2005-02-10 00:00:00
redhat
redhat
(RHSA-2005:100) mod_python security update
2005-02-15 00:00:00
(RHSA-2005:104) mod_python security update
2005-02-10 00:00:00
ubuntucve
ubuntucve
CVE-2005-0088
2005-05-02 00:00:00
cvelist
cvelist
CVE-2005-0088
2005-02-10 05:00:00
nvd
nvd
CVE-2005-0088
2005-05-02 04:00:00
debian
debian
[SECURITY] [DSA 689-1] New mod_python packages fix information leak
2005-02-23 13:31:17
[SECURITY] [DSA 689-1] New mod_python packages fix information leak
2005-02-23 13:31:17
freebsd
freebsd
mod_python -- information leakage vulnerability
2005-01-30 00:00:00
osv
osv
libapache-mod-python - missing input sanitising
2005-02-23 00:00:00
gentoo
gentoo
mod_python: Publisher Handler vulnerability
2005-02-13 00:00:00
cve
cve
CVE-2005-0088
2005-05-02 04:00:00
debiancve
debiancve
CVE-2005-0088
2005-05-02 04:00:00
cert
cert
mod_python vulnerable to information disclosure via crafted URL
2005-02-21 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
5.9
Confidence
Low
EPSS
0.003
Percentile
70.6%
Related for USN-80-1