Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2005-0088

Published: 02/05/2005 Updated: 19/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Apache

Vulnerability Summary

The publisher handler for mod_python 2.7.8 and previous versions allows remote malicious users to obtain access to restricted objects via a crafted URL.

Vulnerable Product Search on Vulmon Subscribe to Product

apache mod python 1.9a

apache mod python 2.0

apache mod python 2.6

apache mod python 2.6.1

apache mod python 2.7.3

apache mod python 2.7.4

apache mod python 2.7.5

apache mod python 2.1

apache mod python 2.2

apache mod python 2.6.2

apache mod python 2.6.3

apache mod python 2.7.6

apache mod python 2.7.7

apache mod python 2.3

apache mod python 2.4

apache mod python 2.6.4

apache mod python 2.7

apache mod python

apache mod python 2.4.1

apache mod python 2.5

apache mod python 2.7.1

apache mod python 2.7.2

Vendor Advisories

Ubuntu Security Notice: libapache2-mod-python vulnerabilities
Graham Dumpleton discovered an information disclosure in the “publisher” handle of mod_python By requesting a carefully crafted URL for a published module page, anybody can obtain extra information about internal variables, objects, and other information which is not intended to be visible ...
Red Hat: mod_python security update
Synopsis mod_python security update Type/Severity Security Advisory: Moderate Topic An Updated mod_python package that fixes a security issue in the publisherhandler is now available Description Mod_python is a module that embeds the Python language interpreter withinthe Apache web server, ...
Red Hat: mod_python security update
Synopsis mod_python security update Type/Severity Security Advisory: Moderate Topic An updated mod_python package that fixes a security issue in the publisherhandle is now available for Red Hat Enterprise Linux 4This update has been rated as having moderate security impact by the Red HatSecurity Response T ...
Debian Security Advisories: DSA-689-1 libapache-mod-python -- missing input sanitizing
Graham Dumpleton discovered a flaw which can affect anyone using the publisher handle of the Apache Software Foundation's mod_python The publisher handle lets you publish objects inside modules to make them callable via URL The flaw allows a carefully crafted URL to obtain extra information that should not be visible (information leak) For the s ...

References

NVD-CWE-Otherhttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000926http://www.debian.org/security/2005/dsa-689http://security.gentoo.org/glsa/glsa-200502-14.xmlhttp://www.redhat.com/support/errata/RHSA-2005-100.htmlhttp://www.redhat.com/support/errata/RHSA-2005-104.htmlhttp://www.trustix.org/errata/2005/0003/http://www.kb.cert.org/vuls/id/356409http://www.securityfocus.com/bid/12519http://securitytracker.com/id?1013156http://marc.info/?l=bugtraq&m=110815313218389&w=2https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10617http://www.securityfocus.com/archive/1/430286/100/0/threadedhttps://usn.ubuntu.com/80-1/https://nvd.nist.govhttps://www.kb.cert.org/vuls/id/356409
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook