English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

Python Web Form Multiple Vulnerabilities


Secunia ID

SA48347

CVE-ID

CVE-2011-3389, CVE-2012-0876, CVE-2012-1150

Release Date

12 Mar 2012

Last Change

01 Jun 2012

Criticality

Less Critical

Solution Status

Vendor Patch

Software

Python 2.6.x
Python 2.7.x
Python 3.x

Where

From remote

Impact
DoS (Denial of Service)

This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system.

Exposure of sensitive information

Vulnerabilities where documents or credentials are leaked or can be revealed either locally or from remote.

Hijacking

This covers vulnerabilities where a user session or a communication channel can be taken over by other users or remote attackers.

Description

Some vulnerabilities have been reported in Python, which can be exploited by malicious people to disclose potentially sensitive information, hijack a user's session, and cause a DoS (Denial of Service).

1) An error within a hash generation function when hashing form posts and updating a hash table can be exploited to cause a hash collision resulting in high CPU consumption via a specially crafted form sent in a HTTP POST request.

2) A design error exists within the implementation of SSL 3.0 and TLS 1.0 protocols.

For more information:
SA46168

3) An error within certain hash functions related to expat can be exploited to cause a hash collision resulting in high CPU consumption.

For more information:
SA36425

The vulnerabilities are reported in versions prior to 2.6.8, 2.7.3, 3.1.5, and 3.2.3.

Solution

Update to version 2.6.8, 2.7.3, 3.1.5, or 3.2.3.

Reported by

1) Alexander Klink, n.runs AG and Julian Wälde, Technische Universität Darmstadt

Original Advisory

Python:
http://www.python.org/download/releases/2.6.8/
http://www.python.org/download/releases/2.7.3/
http://www.python.org/download/releases/3.1.5/
http://www.python.org/download/releases/3.2.3/
http://bugs.python.org/issue13703
http://bugs.python.org/issue13885
http://bugs.python.org/issue14234

n.runs (SA-2011.004):
http://www.nruns.com/_downloads/advisory28122011.pdf