Vulnerability CVE-2019-9948


Published: 2019-03-23

Description:
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.

Type:

CWE-254

(Security Features)

Vendor: Python
Product: Python 
Version:
2.7.9
2.7.8
2.7.7
2.7.6
2.7.5
2.7.4
2.7.3
2.7.2
2.7.16
2.7.15
2.7.14
2.7.13
2.7.12
2.7.11
2.7.10
2.7.1
2.7.0
2.7
2.6.9
2.6.8
2.6.7
2.6.6150
2.6.6
2.6.5
2.6.4
2.6.3
2.6.2150
2.6.2
2.6.1
2.6.0
2.6
2.5.6
2.5.5
2.5.4
2.5.3
2.5.2
2.5.150
2.5.1
2.5.0
2.5
2.4.6
2.4.5
2.4.4
2.4.3
2.4.2
2.4.1
2.4.0
2.4
2.3.7
2.3.6
2.3.5
2.3.4
2.3.3
2.3.2
2.3.1
2.3.0
2.3
2.2.3
2.2.2
2.2.1
2.2.0
2.2
2.1.3
2.1.2
2.1.1
2.1
2.0.1
2.0
Vendor: Opensuse
Product: LEAP 
Version: 15.0;
Vendor: Netapp
Product: Active iq performance analytics services 

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.4/10
4.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
None

 References:
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html
http://www.securityfocus.com/bid/107549
https://bugs.python.org/issue35907
https://github.com/python/cpython/pull/11842
https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html
https://security.netapp.com/advisory/ntap-20190404-0004/

Related CVE
CVE-2019-5498
OnCommand Insight versions through 7.3.6 may disclose sensitive account information to an authenticated user.
CVE-2019-5502
SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data.
CVE-2019-5501
Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 may disclose sensitive LDAP account information to unauthenticated remote attackers.
CVE-2019-5493
Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 are susceptible to a vulnerability which discloses information to an unauthenticated attacker. A successful attack requires that multiple non-default options be enabled.
CVE-2019-14379
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used, leading to remote code execution.
CVE-2019-5497
NetApp AFF A700s Baseboard Management Controller (BMC) firmware versions 1.22 and higher were shipped with a default account enabled that could allow unauthorized arbitrary command execution.
CVE-2019-8936
NTP through 4.2.8p12 has a NULL Pointer Dereference.
CVE-2019-5492
Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions prior to 1.4P2 bundle affected versions of Element Plug-in for vCenter Server.

Copyright 2019, cxsecurity.com

 

Back to Top