Directory Traversal Vulnerability in Mod_python for Apache
CVE-2006-1095

Currently unrated

Key Information:

Vendor: Apache
Status: Mod Python
Vendor: CVE Published:; 9 March 2006

Summary

A directory traversal vulnerability exists in the FileSession object of Mod_python version 3.2.7 for Apache. This vulnerability allows local users to manipulate session cookies to execute arbitrary code on the server. An attacker can exploit this flaw by crafting a malicious session cookie that circumvents the application's path restrictions, potentially leading to unauthorized access and execution of commands on the server.

References

http://www.modpython.org/fs_sec_warn.html

x_refsource_CONFIRM

http://www.securityfocus.com/bid/16916

vdb-entryx_refsource_BID

http://www.cgisecurity.com/2006/02/07

x_refsource_MISC

Timeline

Vulnerability published
Mar 9, 2006
Vulnerability Reserved
Mar 9, 2006