CVE-2011-1015 (retired)

Priority
Description
The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python
2.5, 2.6, and 3.0 allows remote attackers to read script source code via an
HTTP GET request that lacks a / (slash) character at the beginning of the
URI.
Assigned-to
jdstrand
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Patches:
Vendor:https://rhn.redhat.com/errata/RHSA-2011-0492.html
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Patches:
Vendor:https://rhn.redhat.com/errata/RHSA-2011-0554.html
Other:http://hg.python.org/cpython/rev/c6c4398293bd/
Package
Upstream:released (2.7-1)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected
More Information

Updated: 2019-03-26 11:55:32 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)