USN-80-1: mod_python vulnerability
11 February 2005
mod_python vulnerability
Releases
Details
Graham Dumpleton discovered an information disclosure in the
"publisher" handle of mod_python. By requesting a carefully crafted
URL for a published module page, anybody can obtain extra information
about internal variables, objects, and other information which is not
intended to be visible.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 4.10
-
libapache2-mod-python2.3
-
-
libapache2-mod-python2.2
-
In general, a standard system update will make all the necessary changes.