mod_python / MODPYTHON-135

[SECURITY] A Security Issue with FileSession in 3.2.7

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.2.7
    • Fix Version/s: 3.2.8, 3.3.1
    • Component/s: session
    • Labels: None

      Description

      As announced on the mailing list:

      http://www.modpython.org/pipermail/mod_python/2006-February/020284.html

      If you are using the recently released mod_python 3.2.7 please beware that a
      security issue was discovered in the FileSession code.

      You are vulnerable only if you are using mod_python 3.2.7 AND you are using
      FileSession to keep sessions. FileSession is new in 3.2.7 and is not enabled by
      default, therefore if you are using mod_python Session in its default
      configuration you are not vulnerable.

      The extent of this vulnerability is limited. Only a user who already has an
      account (or some ability to write to the filesystem) on the system running
      httpd could exploit it, and to the best of our knowledge such a user could
      potentially cause httpd to execute arbitrary code.

      We are working on a security release of the next version of mod_python and
      expect it to be out shortly. Until then, please do not use FileSession.

        Activity

        grahamd Graham Dumpleton added a comment -

        Although fixed in 3.2.8, the fix for this still hasn't been applied to 3.3 trunk.

        jgallacher Jim Gallacher added a comment -

        Fix has been ported from 3.2.x to trunk.

        bmartin Brian Martin added a comment -

        CVE-2006-1095

          People

          • Assignee: jgallacher Jim Gallacher
          • Reporter: grahamd Graham Dumpleton
          • Votes: 0
          • Watchers: 0
