Launchpad.net

CVE 2008-0252

Directory traversal vulnerability in the _get_file_path function in (1) lib/sessions.py in CherryPy 3.0.x up to 3.0.2, (2) filter/sessionfilter.py in CherryPy 2.1, and (3) filter/sessionfilter.py in CherryPy 2.x allows remote attackers to create or delete arbitrary files, and possibly read and write portions of arbitrary files, via a crafted session id in a cookie.

Related bugs and status

CVE-2008-0252 (Candidate) is related to these bugs:

Bug #187481: [CVE-2008-0252] Directory traversal vulnerability allows modification of arbitrary files

		In	Importance	Status
187481	[CVE-2008-0252] Directory traversal vulnerability allows modification of arbitrary files	cherrypy3 (Ubuntu)	Undecided	Fix Released
187481	[CVE-2008-0252] Directory traversal vulnerability allows modification of arbitrary files	cherrypy3 (Ubuntu Gutsy)	High	Fix Released
187481	[CVE-2008-0252] Directory traversal vulnerability allows modification of arbitrary files	cherrypy3 (Ubuntu Hardy)	Undecided	Fix Released
187481	[CVE-2008-0252] Directory traversal vulnerability allows modification of arbitrary files	python-cherrypy (Ubuntu)	High	Fix Released
187481	[CVE-2008-0252] Directory traversal vulnerability allows modification of arbitrary files	python-cherrypy (Ubuntu Gutsy)	High	Fix Released
187481	[CVE-2008-0252] Directory traversal vulnerability allows modification of arbitrary files	python-cherrypy (Ubuntu Hardy)	High	Fix Released
187481	[CVE-2008-0252] Directory traversal vulnerability allows modification of arbitrary files	cherrypy3 (Ubuntu Edgy)	Undecided	Invalid
187481	[CVE-2008-0252] Directory traversal vulnerability allows modification of arbitrary files	python-cherrypy (Ubuntu Edgy)	High	Fix Released
187481	[CVE-2008-0252] Directory traversal vulnerability allows modification of arbitrary files	cherrypy3 (Ubuntu Feisty)	Undecided	Invalid
187481	[CVE-2008-0252] Directory traversal vulnerability allows modification of arbitrary files	python-cherrypy (Ubuntu Feisty)	High	Fix Released

Bug #191198: [python-cherrypy] [CVE-2008-0252] missing input sanitising, remote vulnerability

		In	Importance	Status
191198	[python-cherrypy] [CVE-2008-0252] missing input sanitising, remote vulnerability	python-cherrypy (Ubuntu)	Undecided	Fix Released
191198	[python-cherrypy] [CVE-2008-0252] missing input sanitising, remote vulnerability	python-cherrypy (Ubuntu Dapper)	Undecided	Confirmed
191198	[python-cherrypy] [CVE-2008-0252] missing input sanitising, remote vulnerability	python-cherrypy (Ubuntu Edgy)	Undecided	Confirmed
191198	[python-cherrypy] [CVE-2008-0252] missing input sanitising, remote vulnerability	python-cherrypy (Ubuntu Hardy)	Undecided	Fix Released
191198	[python-cherrypy] [CVE-2008-0252] missing input sanitising, remote vulnerability	python-cherrypy (Ubuntu Feisty)	Undecided	Confirmed
191198	[python-cherrypy] [CVE-2008-0252] missing input sanitising, remote vulnerability	python-cherrypy (Ubuntu Gutsy)	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.cherrypy.or...
CONFIRM: http://www.cherrypy.or...
CONFIRM: http://www.cherrypy.or...
CONFIRM: http://www.cherrypy.or...
CONFIRM: https://bugs.gentoo.or...
SECUNIA: 28354
CONFIRM: https://issues.rpath.c...
BID: 27181
SECUNIA: 28611
GENTOO: GLSA-200801-11
SECUNIA: 28620
DEBIAN: DSA-1481
SECUNIA: 28769
FEDORA: FEDORA-2008-0299
FEDORA: FEDORA-2008-0333
SECUNIA: 28353
VUPEN: ADV-2008-0039
BUGTRAQ: 20080124 rPSA-2008-003...