Vulnerability Description
Directory traversal vulnerability in the _get_file_path function in (1) lib/sessions.py in CherryPy 3.0.x up to 3.0.2, (2) filter/sessionfilter.py in CherryPy 2.1, and (3) filter/sessionfilter.py in CherryPy 2.x allows remote attackers to create or delete arbitrary files, and possibly read and write portions of arbitrary files, via a crafted session id in a cookie.
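The weakness described above is a session id taken straight from the cookie and used to build a filesystem path. The following is an added example (not CherryPy's own code, and not the patched function from the referenced changesets) of how a file-backed session store can harden that lookup: allow-list the characters of the id before it touches a path, then confirm the resolved path still lies inside the session directory. The class and method names, the `session-` filename prefix and the accepted id pattern are assumptions for illustration.

```python
import os
import re
import tempfile

# Constructed example of a hardened session-file lookup. Not CherryPy's code;
# the class/method names and the allowed-id pattern below are assumptions.

# Assumption: session ids are opaque alphanumeric tokens of bounded length.
# The allow-list means '/', '\\', '.', and NUL can never reach os.path.join.
SESSION_ID_RE = re.compile(r"^[A-Za-z0-9]{16,128}$")


class SessionIdError(ValueError):
    """Raised when a client-supplied session id is rejected."""


class FileSessionStore:
    def __init__(self, storage_path):
        # Canonicalise once so the containment check below compares like with like.
        self.storage_path = os.path.realpath(storage_path)
        os.makedirs(self.storage_path, exist_ok=True)

    def _get_file_path(self, session_id):
        # 1. Reject anything that is not a well-formed id (type and character set).
        if not isinstance(session_id, str) or not SESSION_ID_RE.match(session_id):
            raise SessionIdError("malformed session id")
        candidate = os.path.join(self.storage_path, "session-" + session_id)
        # 2. Defence in depth: the resolved path must stay under the store directory,
        #    so even a future change to the pattern cannot reintroduce traversal.
        resolved = os.path.realpath(candidate)
        if os.path.commonpath([self.storage_path, resolved]) != self.storage_path:
            raise SessionIdError("session id resolves outside the session directory")
        return resolved

    def is_acceptable(self, session_id):
        """True if the id would be accepted by _get_file_path, False otherwise."""
        try:
            self._get_file_path(session_id)
            return True
        except SessionIdError:
            return False

    def save(self, session_id, data):
        with open(self._get_file_path(session_id), "wb") as fh:
            fh.write(data)

    def load(self, session_id):
        path = self._get_file_path(session_id)
        if not os.path.exists(path):
            return None
        with open(path, "rb") as fh:
            return fh.read()

    def delete(self, session_id):
        path = self._get_file_path(session_id)
        if os.path.exists(path):
            os.remove(path)


def demo():
    """Exercise the store with a constructed valid id and a few malformed ones."""
    store = FileSessionStore(tempfile.mkdtemp(prefix="sess-"))
    good = "a3f9c2e1b7d4a3f9c2e1b7d4"  # constructed, matches SESSION_ID_RE
    store.save(good, b"user=alice")
    results = {
        "good_roundtrip": store.load(good) == b"user=alice",
        "traversal_rejected": not store.is_acceptable("../../etc/passwd"),
        "slash_rejected": not store.is_acceptable("abc/def"),
        "empty_rejected": not store.is_acceptable(""),
    }
    store.delete(good)
    results["deleted"] = store.load(good) is None
    return results


if __name__ == "__main__":
    print(demo())
```

The character allow-list is the control that actually closes the hole; the `commonpath` check is there so that a later relaxation of the pattern, or a platform-specific path quirk, fails closed rather than silently escaping the session directory.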
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cherrypy | Cherrypy | <= 2.1.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/28353
- http://secunia.com/advisories/28354 (Vendor Advisory)
- http://secunia.com/advisories/28611
- http://secunia.com/advisories/28620
- http://secunia.com/advisories/28769
- http://security.gentoo.org/glsa/glsa-200801-11.xml
- http://www.cherrypy.org/changeset/1774 (Exploit, Patch)
- http://www.cherrypy.org/changeset/1775 (Exploit, Patch)
- http://www.cherrypy.org/changeset/1776 (Exploit)
- http://www.cherrypy.org/ticket/744 (Exploit)
- http://www.debian.org/security/2008/dsa-1481
- http://www.securityfocus.com/archive/1/487001/100/0/threaded
- http://www.securityfocus.com/bid/27181
- http://www.vupen.com/english/advisories/2008/0039
- https://bugs.gentoo.org/show_bug.cgi?id=204829
FAQ
What is CVE-2008-0252?
CVE-2008-0252 is a vulnerability with a CVSS score of 7.5 (HIGH). Directory traversal vulnerability in the _get_file_path function in (1) lib/sessions.py in CherryPy 3.0.x up to 3.0.2, (2) filter/sessionfilter.py in CherryPy 2.1, and (3) filter/sessionfilter.py in C...
How severe is CVE-2008-0252?
CVE-2008-0252 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-0252?
Check the references section above for vendor advisories and patch information. Affected products include: Cherrypy Cherrypy.