FreeBSD : mod_python -- information leakage vulnerability (5192e7ca-7d4f-11d9-a9e7-0001020eed82)
High Nessus Plugin ID 18932
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionMark J Cox reports :
Graham Dumpleton discovered a flaw which can affect anyone using the publisher handle of the Apache Software Foundation mod_python. The publisher handle lets you publish objects inside modules to make them callable via URL. The flaw allows a carefully crafted URL to obtain extra information that should not be visible (information leak).
SolutionUpdate the affected packages.