9.3 High
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.003 Low
EPSS
Percentile
67.6%
Python is prone to a denial of service (DoS) vulnerability.
# SPDX-FileCopyrightText: 2021 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:python:python";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.112995");
script_version("2023-07-05T05:06:18+0000");
script_tag(name:"last_modification", value:"2023-07-05 05:06:18 +0000 (Wed, 05 Jul 2023)");
script_tag(name:"creation_date", value:"2021-11-02 10:32:11 +0000 (Tue, 02 Nov 2021)");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_cve_id("CVE-2013-7040");
script_tag(name:"qod_type", value:"remote_banner_unreliable");
script_tag(name:"solution_type", value:"VendorFix");
script_name("Python 2.7 < 3.4 DoS Vulnerability (bpo-14621) - Linux");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2021 Greenbone AG");
script_family("Denial of Service");
script_dependencies("gb_python_consolidation.nasl", "os_detection.nasl");
script_mandatory_keys("python/detected", "Host/runs_unixoide");
script_tag(name:"summary", value:"Python is prone to a denial of service (DoS) vulnerability.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"Python only uses the last eight bits of the prefix to randomize
hash values, which causes it to compute hash values without restricting the ability to trigger
hash collisions predictably and makes it easier for context-dependent attackers to cause a denial
of service (CPU consumption) via crafted input to an application that maintains a hash table.");
script_tag(name:"affected", value:"Python 2.7 before 3.4.");
script_tag(name:"solution", value:"The vendor has released updates. Please see the references for
more information.");
script_xref(name:"URL", value:"https://python-security.readthedocs.io/vuln/hash-function-not-randomized-properly.html");
script_xref(name:"Advisory-ID", value:"bpo-14621");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if( isnull( port = get_app_port( cpe:CPE ) ) )
exit( 0 );
if( ! infos = get_app_version_and_location( cpe:CPE, port:port, exit_no_version:TRUE, version_regex:"^[0-9]+\.[0-9]+\.[0-9]+" ) )
exit( 0 );
version = infos["version"];
location = infos["location"];
if( version_in_range( version:version, test_version:"2.7", test_version2:"3.3.7" ) ) {
report = report_fixed_ver( installed_version:version, fixed_version:"3.4", install_path:location );
security_message( port:port, data:report );
exit( 0 );
}
exit( 99 );