CVE-2011-1521
Publication date 24 May 2011
Last updated 24 July 2024
Ubuntu priority
The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a denial of service (resource consumption) via a crafted URL, as demonstrated by the file:///etc/passwd and file:///dev/zero URLs.
Status
Package | Ubuntu Release | Status |
---|---|---|
python2.4 | ||
python2.5 | ||
python2.6 | ||
python2.7 | ||
python3.1 | ||
python3.2 | ||
Notes
Patch details
Package | Patch details |
---|---|
python2.4 | |
python2.5 | |
python2.6 | |
python2.7 | |
python3.1 | |
python3.2 |
References
Related Ubuntu Security Notices (USN)
- USN-1613-1
- Python 2.5 vulnerabilities
- 17 October 2012
- USN-1314-1
- Python 3 vulnerabilities
- 19 December 2011
- USN-1592-1
- Python 2.7 vulnerabilities
- 2 October 2012
- USN-1613-2
- Python 2.4 vulnerabilities
- 17 October 2012
- USN-1596-1
- Python 2.6 vulnerabilities
- 4 October 2012