logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2012-0845

Description

SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header. #### Bugs * <http://bugs.python.org/issue14001> #### Notes Author| Note ---|--- [jdstrand](<https://launchpad.net/~jdstrand>) | reproducer doesn't work on 8.04 LTS python2.4, but the code is sufficiently similar that we'll patch


Affected Package


OS OS Version Package Name Package Version
ubuntu upstream python2.4 any
ubuntu upstream python2.5 any
ubuntu 10.04 python2.6 2.6.5-1ubuntu6.1
ubuntu 11.04 python2.6 2.6.6-6ubuntu7.1
ubuntu 11.10 python2.6 2.6.7-4ubuntu1.1
ubuntu upstream python2.6 2.6.8
ubuntu 11.04 python2.7 2.7.1-5ubuntu2.2
ubuntu 11.10 python2.7 2.7.2-5ubuntu1.1
ubuntu upstream python2.7 2.7.3
ubuntu 10.04 python3.1 3.1.2-0ubuntu3.2
ubuntu 11.04 python3.1 3.1.3-1ubuntu1.2
ubuntu upstream python3.1 any
ubuntu 11.04 python3.2 3.2-1ubuntu1.2
ubuntu 11.10 python3.2 3.2.2-0ubuntu1.1
ubuntu upstream python3.2 3.2.3

Related