Описание
PyBlosxom before 1.3.2, when running on certain webservers, allows remote attackers to read arbitrary files via an HTTP request with multiple leading / (slash) characters, which is accessed using the PATH_INFO variable.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 1.3.2-1 |
| edgy | released | 1.3.2-1 |
| feisty | released | 1.3.2-1 |
| gutsy | released | 1.3.2-1 |
| hardy | released | 1.3.2-1 |
| intrepid | released | 1.3.2-1 |
| jaunty | released | 1.3.2-1 |
| karmic | released | 1.3.2-1 |
| upstream | released | 1.3.2 |
Показывать по
Ссылки на источники
5 Medium
CVSS2
Связанные уязвимости
PyBlosxom before 1.3.2, when running on certain webservers, allows remote attackers to read arbitrary files via an HTTP request with multiple leading / (slash) characters, which is accessed using the PATH_INFO variable.
PyBlosxom before 1.3.2, when running on certain webservers, allows rem ...
PyBlosxom before 1.3.2, when running on certain webservers, allows remote attackers to read arbitrary files via an HTTP request with multiple leading / (slash) characters, which is accessed using the PATH_INFO variable.
5 Medium
CVSS2