CGI directory traversal (URL parsing)¶

Warning

This resource is maintained for historical reference and does not contain the latest vulnerability info for Python.

The canonical database for vulnerabilities affecting Python is available on GitHub in the Open Source Vulnerability (OSV) format. This database can be viewed online at the Open Source Vulnerability Database.

An error in separating the path and filename of the CGI script to run in http.server.CGIHTTPRequestHandler allows running arbitrary executables in the directory under which the server was started.

Dates:

Disclosure date: 2013-10-29 (Python issue bpo-19435 reported)

Fixed In¶

Python 2.7.6 (2013-11-10) fixed by commit 1ef959a (branch 2.7) (2013-10-30)
Python 3.2.6 (2014-10-12) fixed by commit 04e9de4 (branch 3.2) (2013-10-30)
Python 3.3.4 (2014-02-09) fixed by commit 04e9de4 (branch 3.2) (2013-10-30)
Python 3.4.0 (2014-03-16) fixed by commit 04e9de4 (branch 3.2) (2013-10-30)

Python issue¶

Directory traversal attack for CGIHTTPRequestHandler.

Python issue: bpo-19435
Creation date: 2013-10-29
Reporter: Alexander Kruppa

Timeline¶

Timeline using the disclosure date 2013-10-29 as reference:

2013-10-29: Python issue bpo-19435 reported by Alexander Kruppa
2013-10-30 (+1 days): commit 04e9de4 (branch 3.2)
2013-10-30 (+1 days): commit 1ef959a (branch 2.7)
2013-11-10 (+12 days): Python 2.7.6 released
2014-02-09 (+103 days): Python 3.3.4 released
2014-03-16: Python 3.4.0 released
2014-10-12 (+348 days): Python 3.2.6 released

CGI directory traversal (URL parsing)¶

Fixed In¶

Python issue¶

Timeline¶

Table of Contents

Previous topic

Next topic

This Page