[Bug 191198] [NEW] [python-cherrypy] [CVE-2008-0252] missing input sanitising, remote vulnerability

hk47 Tue, 12 Feb 2008 01:25:43 -0800

Public bug reported:

Binary package hint: python-cherrypy


References:
DSA-1481-1 (http://www.debian.org/security/2008/dsa-1481)

Quoting:
"It was discovered that a directory traversal vulnerability in CherryPy,
a pythonic, object-oriented web development framework may lead to denial
of service by deleting files through malicious session IDs in cookies."

** Affects: python-cherrypy (Ubuntu)
     Importance: Undecided
         Status: New

** Visibility changed to: Public

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-0252

-- 
[python-cherrypy] [CVE-2008-0252] missing input sanitising, remote vulnerability
https://bugs.launchpad.net/bugs/191198
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 191198] [NEW] [python-cherrypy] [CVE-2008-0252] missing input sanitising, remote vulnerability

Reply via email to