Python Web Form Multiple Vulnerabilities

SA48347

CVE-2011-3389, CVE-2012-0876, CVE-2012-1150

12 Mar 2012

01 Jun 2012

Less Critical

Vendor Patch

Python 2.6.x
Python 2.7.x
Python 3.x

From remote

DoS (Denial of Service)

This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system.

Exposure of sensitive information

Vulnerabilities where documents or credentials are leaked or can be revealed either locally or from remote.

Hijacking

This covers vulnerabilities where a user session or a communication channel can be taken over by other users or remote attackers.

Some vulnerabilities have been reported in Python, which can be exploited by malicious people to disclose potentially sensitive information, hijack a user's session, and cause a DoS (Denial of Service).

1) An error within a hash generation function when hashing form posts and updating a hash table can be exploited to cause a hash collision resulting in high CPU consumption via a specially crafted form sent in a HTTP POST request.

2) A design error exists within the implementation of SSL 3.0 and TLS 1.0 protocols.

For more information:
SA46168

3) An error within certain hash functions related to expat can be exploited to cause a hash collision resulting in high CPU consumption.

For more information:
SA36425

The vulnerabilities are reported in versions prior to 2.6.8, 2.7.3, 3.1.5, and 3.2.3.

Update to version 2.6.8, 2.7.3, 3.1.5, or 3.2.3.

1) Alexander Klink, n.runs AG and Julian Wälde, Technische Universität Darmstadt

Python:
http://www.python.org/download/releases/2.6.8/
http://www.python.org/download/releases/2.7.3/
http://www.python.org/download/releases/3.1.5/
http://www.python.org/download/releases/3.2.3/
http://bugs.python.org/issue13703
http://bugs.python.org/issue13885
http://bugs.python.org/issue14234

n.runs (SA-2011.004):
http://www.nruns.com/_downloads/advisory28122011.pdf