CVE-2011-1015

Priority
Description
The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python
2.5, 2.6, and 3.0 allows remote attackers to read script source code via an
HTTP GET request that lacks a / (slash) character at the beginning of the
URI.
Assigned-to
jdstrand
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Patches:
Vendor:https://rhn.redhat.com/errata/RHSA-2011-0492.html
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Patches:
Vendor:https://rhn.redhat.com/errata/RHSA-2011-0554.html
Other:http://hg.python.org/cpython/rev/c6c4398293bd/
Package
Upstream:released (2.7-1)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected
More Information

Updated: 2019-12-05 20:56:42 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)