Remote Access Vulnerability in mod_python by Zope Corporation
CVE-2005-0088

Currently unrated

Key Information:

Vendor: Apache
Status: Mod Python
Vendor: CVE Published:; 2 May 2005

Summary

The publisher handler in mod_python versions 2.7.8 and earlier is susceptible to a security flaw that enables remote attackers to gain access to restricted objects by crafting a specific URL. This vulnerability could allow unauthorized users to exploit the system, potentially leading to data exposure and further attacks against the application.

References

http://www.redhat.com/support/errata/RHSA-2005-104.html

vendor-advisoryx_refsource_REDHAT

http://security.gentoo.org/glsa/glsa-200502-14.xml

vendor-advisoryx_refsource_GENTOO

http://www.trustix.org/errata/2005/0003/

vendor-advisoryx_refsource_TRUSTIX

EPSS Score

22% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Jan 18, 2005