Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Gentoo GLSA-200605-16 Low Severity: CherryPy Directory Traversal

gentoo
Calendar Grey May 30, 2006
Dist Gentoo Esm H88
CherryPy running on Gentoo faces a directory traversal vulnerability that permits unauthorized file access; an update is essential to address potential security threats.
CherryPy is vulnerable to a directory traversal that could allow attackers to read arbitrary files.

Summary

Gentoo Linux Security Advisory GLSA 200605-16 https://security.gentoo.org/ Severity: Low Title: CherryPy: Directory traversal vulnerability Date: May 30, 2006 Bugs: #134273 ID: 200605-16

Synopsis ======= CherryPy is vulnerable to a directory traversal that could allow attackers to read arbitrary files.
Background ========= CherryPy is a Python-based, object-oriented web development framework.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-python/cherrypy < 2.1.1 >= 2.1.1
========== Ivo van der Wijk discovered that the "staticfilter" component of CherryPy fails to sanitize input correctly.
Impact ===== An attacker could exploit this flaw to obtain arbi...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory Gentoo directory traversal web application low severity file access CherryPy

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
low
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory Gentoo directory traversal web application low severity file access CherryPy

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here