Title: Apache mod_python Output Filter Mode Information Disclosure Vulnerability
Severity: MODERATE
Description:
Apache's mod_python is a module that allows the webserver to interpret Python scripts.
The Apache mod_python module is prone to an information-disclosure vulnerability because the module fails to handle output filter data containing more than 16384 bytes. This issue will cause the 'filter.read()' function to return portions of unallocated memory that may contain sensitive information.
An attacker can exploit this issue to gain access to sensitive information that may lead to further attacks.
Affected Products:
- Apache Software Foundation mod_python 3.0.3
- Apache Software Foundation mod_python 3.0.4
- Apache Software Foundation mod_python 3.1.3
- Apache Software Foundation mod_python 3.1.4
- Ubuntu Ubuntu Linux 5.10.0 amd64
- Ubuntu Ubuntu Linux 5.10.0 i386
- Ubuntu Ubuntu Linux 5.10.0 powerpc
- Ubuntu Ubuntu Linux 5.10.0 sparc
- Ubuntu Ubuntu Linux 6.06 LTS amd64
- Ubuntu Ubuntu Linux 6.06 LTS i386
- Ubuntu Ubuntu Linux 6.06 LTS powerpc
- Ubuntu Ubuntu Linux 6.06 LTS sparc
- rPath rPath Linux 1
References:
- Apache Software Foundation: Apache mod_python Product Page
- rPath: rPath Security Advisory: 2007-0051-1
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
