logo
DATABASE RESOURCES PRICING ABOUT US

Medium: python27

Description

**Issue Overview:** SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header. **Affected Packages:** python27 **Issue Correction:** Run _yum update python27_ to update your system. **New Packages:** i686:     python27-2.7.3-1.18.amzn1.i686     python27-libs-2.7.3-1.18.amzn1.i686     python27-devel-2.7.3-1.18.amzn1.i686     python27-test-2.7.3-1.18.amzn1.i686     python27-tools-2.7.3-1.18.amzn1.i686     python27-debuginfo-2.7.3-1.18.amzn1.i686 src:     python27-2.7.3-1.18.amzn1.src x86_64:     python27-libs-2.7.3-1.18.amzn1.x86_64     python27-tools-2.7.3-1.18.amzn1.x86_64     python27-2.7.3-1.18.amzn1.x86_64     python27-test-2.7.3-1.18.amzn1.x86_64     python27-devel-2.7.3-1.18.amzn1.x86_64     python27-debuginfo-2.7.3-1.18.amzn1.x86_64 ### Additional References Red Hat: [CVE-2012-0845](<https://access.redhat.com/security/cve/CVE-2012-0845>) Mitre: [CVE-2012-0845](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845>)


Affected Package


OS OS Version Package Name Package Version
Amazon Linux 1 python27 2.7.3-1.18.amzn1
Amazon Linux 1 python27-libs 2.7.3-1.18.amzn1
Amazon Linux 1 python27-devel 2.7.3-1.18.amzn1
Amazon Linux 1 python27-test 2.7.3-1.18.amzn1
Amazon Linux 1 python27-tools 2.7.3-1.18.amzn1
Amazon Linux 1 python27-debuginfo 2.7.3-1.18.amzn1
Amazon Linux 1 python27 2.7.3-1.18.amzn1
Amazon Linux 1 python27-libs 2.7.3-1.18.amzn1
Amazon Linux 1 python27-tools 2.7.3-1.18.amzn1
Amazon Linux 1 python27 2.7.3-1.18.amzn1
Amazon Linux 1 python27-test 2.7.3-1.18.amzn1
Amazon Linux 1 python27-devel 2.7.3-1.18.amzn1
Amazon Linux 1 python27-debuginfo 2.7.3-1.18.amzn1

Related