Apache Mod Python vulnerabilities

CVE-2006-1095 [HIGH] CWE-22 CVE-2006-1095: Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache al Directory traversal vulnerability in the FileSession object in Mod_python module 3.2.7 for Apache allows local users to execute arbitrary code via a crafted session cookie.

CVE-2005-0088 [HIGH] CVE-2005-0088: The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to r The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL.

CVE-2004-2680 [MEDIUM] CVE-2004-2680: mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters pr mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory.

CVE-2004-0096 [MEDIUM] CVE-2004-0096: Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (http Unknown vulnerability in mod_python 2.7.9 allows remote attackers to cause a denial of service (httpd crash) via a certain query string, a variant of CAN-2003-0973.

CVE-2003-0973 [MEDIUM] CVE-2003-0973: Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attack Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string.

CVE-2002-0185 [HIGH] CVE-2002-0185: mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to th mod_python version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module.