[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-1481 python-cherrypy -- missing input sanitising

ID: oval:org.mitre.oval:def:7998Date: (C)2009-12-15   (M)2021-06-06
Class: PATCHFamily: unix




It was discovered that a directory traversal vulnerability in CherryPy, a pythonic, object-oriented web development framework, may lead to denial of service by deleting files through malicious session IDs in cookies. The old stable distribution (sarge) doesn't contain python-cherrypy.

Platform:
Debian 4.0
Product:
python-cherrypy
Reference:
DSA-1481
CVE-2008-0252
CVE    1
CVE-2008-0252
CPE    1
cpe:/o:debian:debian_linux:4.0

© SecPod Technologies