logo
DATABASE RESOURCES PRICING ABOUT US

Denial Of Service (DoS)

Description

Python is vulnerable to denail of service (DoS). Due to a flaw found in the Python urllib and urllib2 libraries where they would not differentiate between different target URLs when handling automatic redirects, it caused Python applications using these modules to follow any new URL that they understood, including the "file://" URL type. This could allow a remote server to force a local Python application to read a local file instead of the remote one, possibly exposing local files that were not meant to be exposed.


Affected Software


CPE Name Name Version
python 2.6.5__3.el6_0.2
python 2.4.3__24.el5_3.6
python 2.4.3__21.el5
python 2.4.3__27.el5
python 2.4.3__27.el5_5.2
python 2.4.3__43.el5
python 2.4.3__27.el5_5.3
python 2.3.4__14.7.el4
python 2.3.4__14.9.el4
python 2.4.3__24.el5
python 2.4.3__19.el5
python 2.3.4__14.4.el4_6.1
python 2.6.5__3.el6
python 2.3.4__14.7.el4_8.2
python-docs 2.6.5__2.el6
python 2.6.5__3.el6_0.2
python 2.4.3__24.el5_3.6
python 2.4.3__21.el5
python 2.4.3__27.el5
python 2.4.3__27.el5_5.2
python 2.4.3__43.el5
python 2.4.3__27.el5_5.3
python 2.3.4__14.7.el4
python 2.3.4__14.9.el4
python 2.4.3__24.el5
python 2.4.3__19.el5
python 2.3.4__14.4.el4_6.1
python 2.6.5__3.el6
python 2.3.4__14.7.el4_8.2
python-docs 2.6.5__2.el6

Related