
Key: MODPYTHON-135
Type: Bug
Status: Closed
Resolution: Fixed
Priority: Major
Assignee: Jim Gallacher
Reporter: Graham Dumpleton
Votes: 0
Watchers: 0
mod_python

[SECURITY] A Security Issue with FileSession in 3.2.7

Created: 17/Feb/06 01:32 PM   Updated: 09/Oct/09 11:46 PM
Component/s: session
Affects Version/s: 3.2.7
Fix Version/s: 3.2.8, 3.3.1

Time Tracking:
Not Specified

Resolution Date: 06/Mar/06 02:47 AM


Description
As announced on the mailing list:

  http://www.modpython.org/pipermail/mod_python/2006-February/020284.html

If you are using the recently released mod_python 3.2.7 please beware that a
security issue was discovered in the FileSession code.

You are vulnerable only if you are using mod_python 3.2.7 AND you are using
FileSession to keep sessions. FileSession is new in 3.2.7 and is not enabled by
default, therefore if you are using mod_python Session in its default
configuration you are not vulnerable.

The extent of this vulnerability is limited. Only a user who already has an
account (or some ability to write to the filesystem) on the system running
httpd could exploit it, and to the best of our knowledge such a user could
potentially cause httpd to execute arbitrary code.

We are working on a security release of the next version of mod_python and
expect it to be out shortly. Until then, please do not use FileSession.


Subversion Commits

Repository: ASF   Revision: #378945   Date: Sun Feb 19 19:51:17 UTC 2006   User: jgallacher
Message: Added check for the validity of the session id. This will fix a potential
directory traversal attack in FileSession.
Ref MODPYTHON-135
Files Changed
MODIFY /httpd/mod_python/branches/3.2.x/test/test.py
MODIFY /httpd/mod_python/branches/3.2.x/lib/python/mod_python/__init__.py
MODIFY /httpd/mod_python/branches/3.2.x/Doc/appendixc.tex
MODIFY /httpd/mod_python/branches/3.2.x/src/include/mpversion.h
MODIFY /httpd/mod_python/branches/3.2.x/lib/python/mod_python/Session.py
MODIFY /httpd/mod_python/branches/3.2.x/NEWS

Repository: ASF   Revision: #383359   Date: Sun Mar 05 17:32:01 UTC 2006   User: jgallacher
Message: Ported sid validity check fix for MODPYTHON-135 from branches/3.2.x to
trunk.
Files Changed
MODIFY /httpd/mod_python/trunk/test/test.py
MODIFY /httpd/mod_python/trunk/Doc/appendixc.tex
MODIFY /httpd/mod_python/trunk/lib/python/mod_python/Session.py
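As an added illustration of the kind of session-id validity check the commits above describe (example code written for this page, not mod_python's own Session.py), the function below allow-lists the id format before it is ever used to build a filename, so a client-supplied id cannot steer FileSession outside its session directory. The 32-hex-character id format, the `mp_sess_` file prefix and the `/tmp/mp_sessions` directory are assumptions for the example.

```python
import os
import re

# Assumption for this example: a session id is exactly 32 lowercase hex
# characters. This is not a statement about mod_python's real id format.
SID_RE = re.compile(r"^[0-9a-f]{32}$")


def is_valid_sid(sid):
    """Return True only for a session id of the expected shape.

    Allow-listing the exact character set and length means an id can never
    carry path separators, '..' segments or NUL bytes into the filename
    derived from it, which is what makes a traversal possible in the first
    place.
    """
    return isinstance(sid, str) and SID_RE.match(sid) is not None


def session_file_path(session_dir, sid):
    """Map a session id to its on-disk file, refusing anything unsafe.

    Raises ValueError for an invalid id. As defence in depth the resolved
    path is also required to sit directly inside session_dir, so that even
    a future loosening of the regex cannot silently reintroduce traversal.
    """
    if not is_valid_sid(sid):
        raise ValueError("invalid session id")
    base = os.path.realpath(session_dir)
    # 'mp_sess_' prefix is an assumed naming convention for the example.
    path = os.path.realpath(os.path.join(base, "mp_sess_" + sid))
    if os.path.dirname(path) != base:
        raise ValueError("session path escapes session directory")
    return path


# Constructed sample ids: one well-formed, the rest malformed or traversal-shaped.
GOOD_SID = "0123456789abcdef0123456789abcdef"
BAD_SIDS = [
    "../../etc/passwd",
    "0123456789abcdef0123456789abcdef/../x",
    "0123456789abcdef0123456789abcde\x00",
    "",
]


def check_samples(session_dir="/tmp/mp_sessions"):
    """Return (accepted_path, rejected_count) over the constructed samples."""
    accepted = session_file_path(session_dir, GOOD_SID)
    rejected = sum(1 for s in BAD_SIDS if not is_valid_sid(s))
    return accepted, rejected
```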