CVE-2006-1095

CWE-22 — Path Traversal4 documents4 sources

Severity

7.2HIGH

EPSS

0.0%

top 96.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache MOD Python

Timeline

PublishedMar 9

Latest updateMay 1

Description

Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDapache/mod_python3.2.7

Patches

Patch: secunia.com ↗Patch: securitytracker.com ↗Patch: www.cgisecurity.com ↗

🔴Vulnerability Details

GHSA

GHSA-wh8r-wrrv-8p2r: Directory traversal vulnerability in the FileSession object in Mod_python module 3↗2022-05-01

▶

CVEList

CVE-2006-1095: Directory traversal vulnerability in the FileSession object in Mod_python module 3↗2006-03-09

▶

📋Vendor Advisories

Red Hat

CVE-2006-1095: Directory traversal vulnerability in the FileSession object in Mod_python module 3↗

▶