Bug 231065 (CVE-2004-2680)
Summary: | CVE-2004-2680 mod_python arbitrary data disclosure flaw | ||||||
---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Josh Bressers <bressers> | ||||
Component: | vulnerability | Assignee: | Joe Orton <jorton> | ||||
Status: | CLOSED WONTFIX | QA Contact: | |||||
Severity: | low | Docs Contact: | |||||
Priority: | low | ||||||
Version: | unspecified | CC: | mpoole, tao | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2011-08-01 18:44:52 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 234251, 426368 | ||||||
Attachments: |
|
Description
Josh Bressers
2007-03-05 21:57:41 UTC
Created attachment 149298 [details]
Upstream patch
I'm not convinced this should be considered a security issue. The bug in question can only triggered by use of an output filter; such an output filter could already execute arbitrary code with the privileges of the "apache" user. That was my initial impression as well, but after thinking about this flaw for a bit, it is possible for a remote users to leverage this to expose random memory. I'm thinking an instance where an attacker can cause the page in question to return a great deal of data, which would also contain our random memory. I know this is unlikely, which is why I've rated the flaw as low. Fair enough. This issue only affects mod_python versions which work with httpd 2.x, so the RHEL2.1 mod_python package is not affected by this issue. *** Bug 236578 has been marked as a duplicate of this bug. *** Statement: The Red Hat Security Response Team has rated this issue as having low security impact. We no longer plan to fix this flaw in Red Hat Enterprise Linux 4. |