Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
18 vulnerabilities found for mod_python by apache
CVE-2004-2680 (GCVE-0-2004-2680)
Vulnerability from cvelistv5 – Published: 2007-03-04 23:00 – Updated: 2024-08-08 01:36
VLAI?
Summary
mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
Date Public ?
2004-04-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:25.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24424"
},
{
"name": "USN-430-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-430-1"
},
{
"name": "[httpd-python-dev] 20040416 patch for filterobject.c",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cEB279100-9000-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"name": "20070307 rPSA-2007-0051-1 mod_python",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/462185/100/0/threaded"
},
{
"name": "[httpd-python-dev] 20040416 Re: possible bug in filter.write()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3c6DCA8C14-8FFA-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"name": "ADV-2007-0846",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0846"
},
{
"name": "[httpd-python-dev] 20040416 possible bug in filter.write()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cCD485B27-8F3E-11D8-934B-000A95B0D772%40pixar.com%3e"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://launchpad.net/bugs/89308"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1105"
},
{
"name": "24418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24418"
},
{
"name": "22849",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22849"
},
{
"name": "modpython-outputfilter-info-disclosure(14751)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14751"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "24424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24424"
},
{
"name": "USN-430-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-430-1"
},
{
"name": "[httpd-python-dev] 20040416 patch for filterobject.c",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cEB279100-9000-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"name": "20070307 rPSA-2007-0051-1 mod_python",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/462185/100/0/threaded"
},
{
"name": "[httpd-python-dev] 20040416 Re: possible bug in filter.write()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3c6DCA8C14-8FFA-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"name": "ADV-2007-0846",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0846"
},
{
"name": "[httpd-python-dev] 20040416 possible bug in filter.write()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cCD485B27-8F3E-11D8-934B-000A95B0D772%40pixar.com%3e"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://launchpad.net/bugs/89308"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1105"
},
{
"name": "24418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24418"
},
{
"name": "22849",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22849"
},
{
"name": "modpython-outputfilter-info-disclosure(14751)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14751"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2004-2680",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24424",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24424"
},
{
"name": "USN-430-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-430-1"
},
{
"name": "[httpd-python-dev] 20040416 patch for filterobject.c",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cEB279100-9000-11D8-8B4E-000A95B0D772@pixar.com%3e"
},
{
"name": "20070307 rPSA-2007-0051-1 mod_python",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/462185/100/0/threaded"
},
{
"name": "[httpd-python-dev] 20040416 Re: possible bug in filter.write()",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3c6DCA8C14-8FFA-11D8-8B4E-000A95B0D772@pixar.com%3e"
},
{
"name": "ADV-2007-0846",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0846"
},
{
"name": "[httpd-python-dev] 20040416 possible bug in filter.write()",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cCD485B27-8F3E-11D8-934B-000A95B0D772@pixar.com%3e"
},
{
"name": "https://launchpad.net/bugs/89308",
"refsource": "CONFIRM",
"url": "https://launchpad.net/bugs/89308"
},
{
"name": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561"
},
{
"name": "https://issues.rpath.com/browse/RPL-1105",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1105"
},
{
"name": "24418",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24418"
},
{
"name": "22849",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22849"
},
{
"name": "modpython-outputfilter-info-disclosure(14751)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14751"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2004-2680",
"datePublished": "2007-03-04T23:00:00.000Z",
"dateReserved": "2007-03-04T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:36:25.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1095 (GCVE-0-2006-1095)
Vulnerability from cvelistv5 – Published: 2006-03-09 11:00 – Updated: 2024-08-07 16:56
VLAI?
Summary
Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2006-02-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:56:15.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.modpython.org/fs_sec_warn.html"
},
{
"name": "16916",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16916"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cgisecurity.com/2006/02/07"
},
{
"name": "ADV-2006-0768",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0768"
},
{
"name": "19239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19239"
},
{
"name": "modpython-filesession-command-execution(24965)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24965"
},
{
"name": "1015764",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015764"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.modpython.org/fs_sec_warn.html"
},
{
"name": "16916",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16916"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cgisecurity.com/2006/02/07"
},
{
"name": "ADV-2006-0768",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0768"
},
{
"name": "19239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19239"
},
{
"name": "modpython-filesession-command-execution(24965)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24965"
},
{
"name": "1015764",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015764"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.modpython.org/fs_sec_warn.html",
"refsource": "CONFIRM",
"url": "http://www.modpython.org/fs_sec_warn.html"
},
{
"name": "16916",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16916"
},
{
"name": "http://www.cgisecurity.com/2006/02/07",
"refsource": "MISC",
"url": "http://www.cgisecurity.com/2006/02/07"
},
{
"name": "ADV-2006-0768",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0768"
},
{
"name": "19239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19239"
},
{
"name": "modpython-filesession-command-execution(24965)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24965"
},
{
"name": "1015764",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015764"
},
{
"name": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1095",
"datePublished": "2006-03-09T11:00:00.000Z",
"dateReserved": "2006-03-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:56:15.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0088 (GCVE-0-2005-0088)
Vulnerability from cvelistv5 – Published: 2005-02-10 05:00 – Updated: 2024-08-07 20:57
VLAI?
Summary
The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
Date Public ?
2005-02-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:57:41.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2005:104",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-104.html"
},
{
"name": "GLSA-200502-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200502-14.xml"
},
{
"name": "2005-0003",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"name": "FLSA:152896",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/430286/100/0/threaded"
},
{
"name": "1013156",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013156"
},
{
"name": "20050211 [USN-80-1] mod_python vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110815313218389\u0026w=2"
},
{
"name": "CLA-2005:926",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000926"
},
{
"name": "12519",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12519"
},
{
"name": "DSA-689",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-689"
},
{
"name": "RHSA-2005:100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-100.html"
},
{
"name": "VU#356409",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/356409"
},
{
"name": "oval:org.mitre.oval:def:10617",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10617"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2005:104",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-104.html"
},
{
"name": "GLSA-200502-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200502-14.xml"
},
{
"name": "2005-0003",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"name": "FLSA:152896",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/430286/100/0/threaded"
},
{
"name": "1013156",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013156"
},
{
"name": "20050211 [USN-80-1] mod_python vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110815313218389\u0026w=2"
},
{
"name": "CLA-2005:926",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000926"
},
{
"name": "12519",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12519"
},
{
"name": "DSA-689",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-689"
},
{
"name": "RHSA-2005:100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-100.html"
},
{
"name": "VU#356409",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/356409"
},
{
"name": "oval:org.mitre.oval:def:10617",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10617"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0088",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2005:104",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-104.html"
},
{
"name": "GLSA-200502-14",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200502-14.xml"
},
{
"name": "2005-0003",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"name": "FLSA:152896",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/430286/100/0/threaded"
},
{
"name": "1013156",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013156"
},
{
"name": "20050211 [USN-80-1] mod_python vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110815313218389\u0026w=2"
},
{
"name": "CLA-2005:926",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000926"
},
{
"name": "12519",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12519"
},
{
"name": "DSA-689",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-689"
},
{
"name": "RHSA-2005:100",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-100.html"
},
{
"name": "VU#356409",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/356409"
},
{
"name": "oval:org.mitre.oval:def:10617",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10617"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0088",
"datePublished": "2005-02-10T05:00:00.000Z",
"dateReserved": "2005-01-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:57:41.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0096 (GCVE-0-2004-0096)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:10
VLAI?
Summary
Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2004-01-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:04.077Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2004:058",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "RHSA-2004:063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
},
{
"name": "GLSA-200401-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-03.xml"
},
{
"name": "[mod_python] 20040122 [ANNOUNCE] Mod_python 2.7.10",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.modpython.org/pipermail/mod_python/2004-January/014879.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-07-17T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2004:058",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "RHSA-2004:063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
},
{
"name": "GLSA-200401-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-03.xml"
},
{
"name": "[mod_python] 20040122 [ANNOUNCE] Mod_python 2.7.10",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.modpython.org/pipermail/mod_python/2004-January/014879.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2004:058",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "RHSA-2004:063",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
},
{
"name": "GLSA-200401-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200401-03.xml"
},
{
"name": "[mod_python] 20040122 [ANNOUNCE] Mod_python 2.7.10",
"refsource": "MLIST",
"url": "http://www.modpython.org/pipermail/mod_python/2004-January/014879.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0096",
"datePublished": "2004-09-01T04:00:00.000Z",
"dateReserved": "2004-01-26T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:10:04.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0973 (GCVE-0-2003-0973)
Vulnerability from cvelistv5 – Published: 2003-12-02 05:00 – Updated: 2024-08-08 02:12
VLAI?
Summary
Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Date Public ?
2003-11-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:35.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2004:058",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "FEDORA-2004-1325",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://bugzilla.fedora.us/show_bug.cgi?id=1325"
},
{
"name": "oval:org.mitre.oval:def:839",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A839"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html"
},
{
"name": "oval:org.mitre.oval:def:828",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A828"
},
{
"name": "oval:org.mitre.oval:def:10259",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10259"
},
{
"name": "CLA-2004:837",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000837"
},
{
"name": "DSA-452",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-452"
},
{
"name": "RHSA-2004:063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-11-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2004:058",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "FEDORA-2004-1325",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://bugzilla.fedora.us/show_bug.cgi?id=1325"
},
{
"name": "oval:org.mitre.oval:def:839",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A839"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html"
},
{
"name": "oval:org.mitre.oval:def:828",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A828"
},
{
"name": "oval:org.mitre.oval:def:10259",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10259"
},
{
"name": "CLA-2004:837",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000837"
},
{
"name": "DSA-452",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-452"
},
{
"name": "RHSA-2004:063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0973",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2004:058",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "FEDORA-2004-1325",
"refsource": "FEDORA",
"url": "http://bugzilla.fedora.us/show_bug.cgi?id=1325"
},
{
"name": "oval:org.mitre.oval:def:839",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A839"
},
{
"name": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html",
"refsource": "CONFIRM",
"url": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html"
},
{
"name": "oval:org.mitre.oval:def:828",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A828"
},
{
"name": "oval:org.mitre.oval:def:10259",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10259"
},
{
"name": "CLA-2004:837",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000837"
},
{
"name": "DSA-452",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-452"
},
{
"name": "RHSA-2004:063",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0973",
"datePublished": "2003-12-02T05:00:00.000Z",
"dateReserved": "2003-12-01T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:12:35.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0185 (GCVE-0-2002-0185)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:42
VLAI?
Summary
mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2002-04-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:42:28.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "modpython-imported-module-access(8997)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8997.php"
},
{
"name": "4656",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4656"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html"
},
{
"name": "RHSA-2002:070",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-070.html"
},
{
"name": "CLA-2002:477",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000477"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-04-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-20T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "modpython-imported-module-access(8997)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8997.php"
},
{
"name": "4656",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4656"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html"
},
{
"name": "RHSA-2002:070",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-070.html"
},
{
"name": "CLA-2002:477",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000477"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0185",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "modpython-imported-module-access(8997)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8997.php"
},
{
"name": "4656",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4656"
},
{
"name": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html",
"refsource": "MISC",
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html"
},
{
"name": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html",
"refsource": "MISC",
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html"
},
{
"name": "RHSA-2002:070",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-070.html"
},
{
"name": "CLA-2002:477",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000477"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0185",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-04-19T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:42:28.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1095 (GCVE-0-2006-1095)
Vulnerability from nvd – Published: 2006-03-09 11:00 – Updated: 2024-08-07 16:56
VLAI?
Summary
Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Date Public ?
2006-02-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:56:15.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.modpython.org/fs_sec_warn.html"
},
{
"name": "16916",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16916"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cgisecurity.com/2006/02/07"
},
{
"name": "ADV-2006-0768",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0768"
},
{
"name": "19239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19239"
},
{
"name": "modpython-filesession-command-execution(24965)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24965"
},
{
"name": "1015764",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015764"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.modpython.org/fs_sec_warn.html"
},
{
"name": "16916",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16916"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cgisecurity.com/2006/02/07"
},
{
"name": "ADV-2006-0768",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0768"
},
{
"name": "19239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19239"
},
{
"name": "modpython-filesession-command-execution(24965)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24965"
},
{
"name": "1015764",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015764"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.modpython.org/fs_sec_warn.html",
"refsource": "CONFIRM",
"url": "http://www.modpython.org/fs_sec_warn.html"
},
{
"name": "16916",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16916"
},
{
"name": "http://www.cgisecurity.com/2006/02/07",
"refsource": "MISC",
"url": "http://www.cgisecurity.com/2006/02/07"
},
{
"name": "ADV-2006-0768",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0768"
},
{
"name": "19239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19239"
},
{
"name": "modpython-filesession-command-execution(24965)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24965"
},
{
"name": "1015764",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015764"
},
{
"name": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1095",
"datePublished": "2006-03-09T11:00:00.000Z",
"dateReserved": "2006-03-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:56:15.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0088 (GCVE-0-2005-0088)
Vulnerability from nvd – Published: 2005-02-10 05:00 – Updated: 2024-08-07 20:57
VLAI?
Summary
The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
Date Public ?
2005-02-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:57:41.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2005:104",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-104.html"
},
{
"name": "GLSA-200502-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200502-14.xml"
},
{
"name": "2005-0003",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"name": "FLSA:152896",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/430286/100/0/threaded"
},
{
"name": "1013156",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013156"
},
{
"name": "20050211 [USN-80-1] mod_python vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110815313218389\u0026w=2"
},
{
"name": "CLA-2005:926",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000926"
},
{
"name": "12519",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12519"
},
{
"name": "DSA-689",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-689"
},
{
"name": "RHSA-2005:100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-100.html"
},
{
"name": "VU#356409",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/356409"
},
{
"name": "oval:org.mitre.oval:def:10617",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10617"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2005:104",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-104.html"
},
{
"name": "GLSA-200502-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200502-14.xml"
},
{
"name": "2005-0003",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"name": "FLSA:152896",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/430286/100/0/threaded"
},
{
"name": "1013156",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013156"
},
{
"name": "20050211 [USN-80-1] mod_python vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110815313218389\u0026w=2"
},
{
"name": "CLA-2005:926",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000926"
},
{
"name": "12519",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12519"
},
{
"name": "DSA-689",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-689"
},
{
"name": "RHSA-2005:100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-100.html"
},
{
"name": "VU#356409",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/356409"
},
{
"name": "oval:org.mitre.oval:def:10617",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10617"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0088",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2005:104",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-104.html"
},
{
"name": "GLSA-200502-14",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200502-14.xml"
},
{
"name": "2005-0003",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"name": "FLSA:152896",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/430286/100/0/threaded"
},
{
"name": "1013156",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013156"
},
{
"name": "20050211 [USN-80-1] mod_python vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110815313218389\u0026w=2"
},
{
"name": "CLA-2005:926",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000926"
},
{
"name": "12519",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12519"
},
{
"name": "DSA-689",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-689"
},
{
"name": "RHSA-2005:100",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-100.html"
},
{
"name": "VU#356409",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/356409"
},
{
"name": "oval:org.mitre.oval:def:10617",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10617"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0088",
"datePublished": "2005-02-10T05:00:00.000Z",
"dateReserved": "2005-01-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T20:57:41.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2680 (GCVE-0-2004-2680)
Vulnerability from nvd – Published: 2007-03-04 23:00 – Updated: 2024-08-08 01:36
VLAI?
Summary
mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
Date Public ?
2004-04-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:25.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24424"
},
{
"name": "USN-430-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-430-1"
},
{
"name": "[httpd-python-dev] 20040416 patch for filterobject.c",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cEB279100-9000-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"name": "20070307 rPSA-2007-0051-1 mod_python",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/462185/100/0/threaded"
},
{
"name": "[httpd-python-dev] 20040416 Re: possible bug in filter.write()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3c6DCA8C14-8FFA-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"name": "ADV-2007-0846",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0846"
},
{
"name": "[httpd-python-dev] 20040416 possible bug in filter.write()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cCD485B27-8F3E-11D8-934B-000A95B0D772%40pixar.com%3e"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://launchpad.net/bugs/89308"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1105"
},
{
"name": "24418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24418"
},
{
"name": "22849",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22849"
},
{
"name": "modpython-outputfilter-info-disclosure(14751)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14751"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "24424",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24424"
},
{
"name": "USN-430-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-430-1"
},
{
"name": "[httpd-python-dev] 20040416 patch for filterobject.c",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cEB279100-9000-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"name": "20070307 rPSA-2007-0051-1 mod_python",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/462185/100/0/threaded"
},
{
"name": "[httpd-python-dev] 20040416 Re: possible bug in filter.write()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3c6DCA8C14-8FFA-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"name": "ADV-2007-0846",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0846"
},
{
"name": "[httpd-python-dev] 20040416 possible bug in filter.write()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cCD485B27-8F3E-11D8-934B-000A95B0D772%40pixar.com%3e"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://launchpad.net/bugs/89308"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1105"
},
{
"name": "24418",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24418"
},
{
"name": "22849",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22849"
},
{
"name": "modpython-outputfilter-info-disclosure(14751)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14751"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2004-2680",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24424",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24424"
},
{
"name": "USN-430-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-430-1"
},
{
"name": "[httpd-python-dev] 20040416 patch for filterobject.c",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cEB279100-9000-11D8-8B4E-000A95B0D772@pixar.com%3e"
},
{
"name": "20070307 rPSA-2007-0051-1 mod_python",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/462185/100/0/threaded"
},
{
"name": "[httpd-python-dev] 20040416 Re: possible bug in filter.write()",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3c6DCA8C14-8FFA-11D8-8B4E-000A95B0D772@pixar.com%3e"
},
{
"name": "ADV-2007-0846",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0846"
},
{
"name": "[httpd-python-dev] 20040416 possible bug in filter.write()",
"refsource": "MLIST",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cCD485B27-8F3E-11D8-934B-000A95B0D772@pixar.com%3e"
},
{
"name": "https://launchpad.net/bugs/89308",
"refsource": "CONFIRM",
"url": "https://launchpad.net/bugs/89308"
},
{
"name": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561"
},
{
"name": "https://issues.rpath.com/browse/RPL-1105",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1105"
},
{
"name": "24418",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24418"
},
{
"name": "22849",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22849"
},
{
"name": "modpython-outputfilter-info-disclosure(14751)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14751"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2004-2680",
"datePublished": "2007-03-04T23:00:00.000Z",
"dateReserved": "2007-03-04T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:36:25.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0096 (GCVE-0-2004-0096)
Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 00:10
VLAI?
Summary
Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2004-01-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:04.077Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2004:058",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "RHSA-2004:063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
},
{
"name": "GLSA-200401-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-03.xml"
},
{
"name": "[mod_python] 20040122 [ANNOUNCE] Mod_python 2.7.10",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.modpython.org/pipermail/mod_python/2004-January/014879.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-07-17T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2004:058",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "RHSA-2004:063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
},
{
"name": "GLSA-200401-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200401-03.xml"
},
{
"name": "[mod_python] 20040122 [ANNOUNCE] Mod_python 2.7.10",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.modpython.org/pipermail/mod_python/2004-January/014879.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2004:058",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "RHSA-2004:063",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
},
{
"name": "GLSA-200401-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200401-03.xml"
},
{
"name": "[mod_python] 20040122 [ANNOUNCE] Mod_python 2.7.10",
"refsource": "MLIST",
"url": "http://www.modpython.org/pipermail/mod_python/2004-January/014879.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0096",
"datePublished": "2004-09-01T04:00:00.000Z",
"dateReserved": "2004-01-26T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:10:04.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0973 (GCVE-0-2003-0973)
Vulnerability from nvd – Published: 2003-12-02 05:00 – Updated: 2024-08-08 02:12
VLAI?
Summary
Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Date Public ?
2003-11-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:35.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2004:058",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "FEDORA-2004-1325",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://bugzilla.fedora.us/show_bug.cgi?id=1325"
},
{
"name": "oval:org.mitre.oval:def:839",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A839"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html"
},
{
"name": "oval:org.mitre.oval:def:828",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A828"
},
{
"name": "oval:org.mitre.oval:def:10259",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10259"
},
{
"name": "CLA-2004:837",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000837"
},
{
"name": "DSA-452",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-452"
},
{
"name": "RHSA-2004:063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-11-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2004:058",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "FEDORA-2004-1325",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://bugzilla.fedora.us/show_bug.cgi?id=1325"
},
{
"name": "oval:org.mitre.oval:def:839",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A839"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html"
},
{
"name": "oval:org.mitre.oval:def:828",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A828"
},
{
"name": "oval:org.mitre.oval:def:10259",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10259"
},
{
"name": "CLA-2004:837",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000837"
},
{
"name": "DSA-452",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-452"
},
{
"name": "RHSA-2004:063",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0973",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2004:058",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"name": "FEDORA-2004-1325",
"refsource": "FEDORA",
"url": "http://bugzilla.fedora.us/show_bug.cgi?id=1325"
},
{
"name": "oval:org.mitre.oval:def:839",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A839"
},
{
"name": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html",
"refsource": "CONFIRM",
"url": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html"
},
{
"name": "oval:org.mitre.oval:def:828",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A828"
},
{
"name": "oval:org.mitre.oval:def:10259",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10259"
},
{
"name": "CLA-2004:837",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000837"
},
{
"name": "DSA-452",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-452"
},
{
"name": "RHSA-2004:063",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0973",
"datePublished": "2003-12-02T05:00:00.000Z",
"dateReserved": "2003-12-01T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:12:35.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0185 (GCVE-0-2002-0185)
Vulnerability from nvd – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:42
VLAI?
Summary
mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2002-04-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:42:28.008Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "modpython-imported-module-access(8997)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8997.php"
},
{
"name": "4656",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4656"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html"
},
{
"name": "RHSA-2002:070",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-070.html"
},
{
"name": "CLA-2002:477",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000477"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-04-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-20T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "modpython-imported-module-access(8997)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8997.php"
},
{
"name": "4656",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4656"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html"
},
{
"name": "RHSA-2002:070",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-070.html"
},
{
"name": "CLA-2002:477",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000477"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0185",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "modpython-imported-module-access(8997)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8997.php"
},
{
"name": "4656",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4656"
},
{
"name": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html",
"refsource": "MISC",
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html"
},
{
"name": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html",
"refsource": "MISC",
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html"
},
{
"name": "RHSA-2002:070",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-070.html"
},
{
"name": "CLA-2002:477",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000477"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0185",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-04-19T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:42:28.008Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2006-1095
Vulnerability from fkie_nvd - Published: 2006-03-09 13:06 - Updated: 2026-04-16 00:27
Severity ?
Summary
Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | mod_python | 3.2.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:mod_python:3.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "016E31BC-09DB-4B09-9501-AC6FCDECA568",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie."
}
],
"id": "CVE-2006-1095",
"lastModified": "2026-04-16T00:27:16.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-03-09T13:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19239"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015764"
},
{
"source": "cve@mitre.org",
"url": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.cgisecurity.com/2006/02/07"
},
{
"source": "cve@mitre.org",
"url": "http://www.modpython.org/fs_sec_warn.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16916"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0768"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24965"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19239"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.apache.org/viewcvs.cgi/httpd/mod_python/branches/3.2.x/NEWS?rev=378945"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.cgisecurity.com/2006/02/07"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.modpython.org/fs_sec_warn.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16916"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0768"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24965"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "This issue did not affect the versions of mod_python as distributed with Red Hat Enterprise Linux 2.1, 3, or 4.",
"lastModified": "2006-08-30T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-0088
Vulnerability from fkie_nvd - Published: 2005-05-02 04:00 - Updated: 2026-04-16 00:27
Severity ?
Summary
The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | mod_python | * | |
| apache | mod_python | 1.9a | |
| apache | mod_python | 2.0 | |
| apache | mod_python | 2.1 | |
| apache | mod_python | 2.2 | |
| apache | mod_python | 2.3 | |
| apache | mod_python | 2.4 | |
| apache | mod_python | 2.4.1 | |
| apache | mod_python | 2.5 | |
| apache | mod_python | 2.6 | |
| apache | mod_python | 2.6.1 | |
| apache | mod_python | 2.6.2 | |
| apache | mod_python | 2.6.3 | |
| apache | mod_python | 2.6.4 | |
| apache | mod_python | 2.7 | |
| apache | mod_python | 2.7.1 | |
| apache | mod_python | 2.7.2 | |
| apache | mod_python | 2.7.3 | |
| apache | mod_python | 2.7.4 | |
| apache | mod_python | 2.7.5 | |
| apache | mod_python | 2.7.6 | |
| apache | mod_python | 2.7.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:mod_python:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0359C038-B61F-4640-ADFA-7B8038DFCD9B",
"versionEndIncluding": "2.7.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:1.9a:*:*:*:*:*:*:*",
"matchCriteriaId": "5509C23E-30C8-47E5-A0D6-5DBABD357203",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "253A9B1A-5E40-4BF3-A181-DD8EC86EB119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD7D5B0-DB5C-4C92-B701-84274A2D8FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "76C96ED2-1B85-4B1F-AAAB-5FC90BF5AB7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "490DC20E-7A70-4095-82D2-2E8ED23C5BE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B27C447F-2883-464D-AC9C-22AFF1278E8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6E83757F-81A1-48CF-93FE-3F2B8C2E9EAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F845DD2D-7DCB-4CB4-A70C-ABE10DC136D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E26E30A3-747D-491D-9930-63488AE5E768",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "899F6DBB-C557-4C43-8573-217134A1D44B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B29FD9AA-7B11-4B7D-BA40-B7F488D83892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EC9E0311-B2B6-4770-8393-8A65CC3D5BF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A5D35BAD-EE65-46E7-845A-DE58D8A1EFDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "310A5F62-EF40-462A-B1CD-251704B74C2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "399203BA-6661-4451-A667-1EBCC0310FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E9604D18-BFA4-4725-8810-8D2BAD9E0DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E7BA1FA8-74C2-4473-B121-C9C958547501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "695F589B-1CEA-4974-9E47-FB7E5DF5B919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1045B136-428A-461C-98BA-3E4C818DE27E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D2BFBBA5-750F-43B4-BE5F-BDBA2E2FDF5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "23C3FE2B-C056-4FE5-A8AC-A0BC9B69E454",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL."
}
],
"id": "CVE-2005-0088",
"lastModified": "2026-04-16T00:27:16.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000926"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110815313218389\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://security.gentoo.org/glsa/glsa-200502-14.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1013156"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2005/dsa-689"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/356409"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-100.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2005-104.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/430286/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/12519"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10617"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000926"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110815313218389\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://security.gentoo.org/glsa/glsa-200502-14.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1013156"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2005/dsa-689"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/356409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-100.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2005-104.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/430286/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/12519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2005/0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10617"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-2680
Vulnerability from fkie_nvd - Published: 2004-12-31 05:00 - Updated: 2026-04-16 00:27
Severity ?
Summary
mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | mod_python | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:mod_python:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CA3501-ED5C-4CF8-A40B-5784F3502729",
"versionEndIncluding": "3.1.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory."
}
],
"id": "CVE-2004-2680",
"lastModified": "2026-04-16T00:27:16.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "security@ubuntu.com",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3c6DCA8C14-8FFA-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"source": "security@ubuntu.com",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cCD485B27-8F3E-11D8-934B-000A95B0D772%40pixar.com%3e"
},
{
"source": "security@ubuntu.com",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cEB279100-9000-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"source": "security@ubuntu.com",
"url": "http://secunia.com/advisories/24418"
},
{
"source": "security@ubuntu.com",
"url": "http://secunia.com/advisories/24424"
},
{
"source": "security@ubuntu.com",
"url": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561"
},
{
"source": "security@ubuntu.com",
"url": "http://www.securityfocus.com/archive/1/462185/100/0/threaded"
},
{
"source": "security@ubuntu.com",
"url": "http://www.securityfocus.com/bid/22849"
},
{
"source": "security@ubuntu.com",
"url": "http://www.ubuntu.com/usn/usn-430-1"
},
{
"source": "security@ubuntu.com",
"url": "http://www.vupen.com/english/advisories/2007/0846"
},
{
"source": "security@ubuntu.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14751"
},
{
"source": "security@ubuntu.com",
"url": "https://issues.rpath.com/browse/RPL-1105"
},
{
"source": "security@ubuntu.com",
"tags": [
"Patch"
],
"url": "https://launchpad.net/bugs/89308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3c6DCA8C14-8FFA-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cCD485B27-8F3E-11D8-934B-000A95B0D772%40pixar.com%3e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://mail-archives.apache.org/mod_mbox/httpd-python-dev/200404.mbox/%3cEB279100-9000-11D8-8B4E-000A95B0D772%40pixar.com%3e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24418"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://svn.apache.org/viewvc/httpd/mod_python/trunk/src/filterobject.c?r1=102649\u0026r2=103561\u0026pathrev=103561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/462185/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22849"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-430-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14751"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://launchpad.net/bugs/89308"
}
],
"sourceIdentifier": "security@ubuntu.com",
"vendorComments": [
{
"comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2004-2680\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/",
"lastModified": "2009-05-21T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-0096
Vulnerability from fkie_nvd - Published: 2004-03-03 05:00 - Updated: 2026-04-16 00:27
Severity ?
Summary
Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | mod_python | 2.7.9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E4CF3437-A1AF-485F-88A7-974BA9994396",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973."
},
{
"lang": "es",
"value": "Vulnerabilidad desconocida en mod_python 2.7.9 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00eddad de httpd) mediante cierta cadena de consulta, una variante de CAN-2003-0973."
}
],
"id": "CVE-2004-0096",
"lastModified": "2026-04-16T00:27:16.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-03-03T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200401-03.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.modpython.org/pipermail/mod_python/2004-January/014879.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200401-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.modpython.org/pipermail/mod_python/2004-January/014879.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2003-0973
Vulnerability from fkie_nvd - Published: 2003-12-15 05:00 - Updated: 2026-04-16 00:27
Severity ?
Summary
Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | mod_python | 2.7 | |
| apache | mod_python | 2.7.1 | |
| apache | mod_python | 2.7.2 | |
| apache | mod_python | 2.7.3 | |
| apache | mod_python | 2.7.4 | |
| apache | mod_python | 2.7.5 | |
| apache | mod_python | 2.7.6 | |
| apache | mod_python | 2.7.7 | |
| apache | mod_python | 2.7.8 | |
| apache | mod_python | 3.0 | |
| apache | mod_python | 3.0.1 | |
| apache | mod_python | 3.0.2 | |
| apache | mod_python | 3.0.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "310A5F62-EF40-462A-B1CD-251704B74C2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "399203BA-6661-4451-A667-1EBCC0310FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E9604D18-BFA4-4725-8810-8D2BAD9E0DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E7BA1FA8-74C2-4473-B121-C9C958547501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "695F589B-1CEA-4974-9E47-FB7E5DF5B919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1045B136-428A-461C-98BA-3E4C818DE27E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D2BFBBA5-750F-43B4-BE5F-BDBA2E2FDF5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "23C3FE2B-C056-4FE5-A8AC-A0BC9B69E454",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:2.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2F38B8FC-493D-41F0-A1EA-153E5A031F74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31BDB2B4-E96F-4CCF-867C-A55F4615DBC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F37278-D8A7-4472-8AEF-747B96959D6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2E82DB79-44F9-47C4-B76C-3C279C50428A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:mod_python:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E46AC3-C536-4EE1-B5D3-E7FF004021CD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string."
},
{
"lang": "es",
"value": "Vulnerabilidad desconocida en mod_python 3.0.x anteriores a 3.0.4, y 2.7.x anteriores a 2.7.9 permite a atacantes remotos causar una denegaci\u00f3n de de servicio (ca\u00edda de httpd) mediante cierta cadena de consulta."
}
],
"id": "CVE-2003-0973",
"lastModified": "2026-04-16T00:27:16.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-15T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugzilla.fedora.us/show_bug.cgi?id=1325"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000837"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-452"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10259"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A828"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.fedora.us/show_bug.cgi?id=1325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000837"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2004/dsa-452"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.modpython.org/pipermail/mod_python/2003-November/004005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-058.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-063.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A839"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2002-0185
Vulnerability from fkie_nvd - Published: 2002-05-16 04:00 - Updated: 2026-04-16 00:27
Severity ?
Summary
mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | mod_python | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:mod_python:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF49F488-A53A-4E2C-84E7-24F71A8A8263",
"versionEndIncluding": "2.7.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module."
},
{
"lang": "es",
"value": "mod_python version 2.7.6 y anteriores permiten a un m\u00f3dulo indirectamente importado por un m\u00f3dulo publicado a ser entonces accedido mediante el publicador, lo que permite a atacantes remotos llamar funciones potencialmente peligrosas del m\u00f3dulo importado."
}
],
"id": "CVE-2002-0185",
"lastModified": "2026-04-16T00:27:16.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-05-16T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000477"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/8997.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-070.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/4656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/8997.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/001991.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.modpython.org/pipermail/mod_python/2002-April/002003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-070.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/4656"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}