oss-sec mailing list archives
Re: CVE Request -- python (SimpleXMLRPCServer): DoS (excessive CPU usage) via malformed XML-RPC / HTTP POST request
From: David Malcolm <dmalcolm () redhat com>
Date: Tue, 14 Feb 2012 10:37:09 -0500
On Tue, 2012-02-14 at 12:13 +0100, Jan Lieskovsky wrote:
Hello vendors, just FYI, this issue affected also upstream PyPy v1.6 and v1.8 versions. Relevant upstream bug being here: https://bugs.pypy.org/issue1047
...and almost certainly 1.7 also, probably earlier versions also: 1.6 and 1.8 were the only versions I had to hand and checked. [PyPy embeds a copy of CPython's standard library, which it mostly uses as is, overriding a few things here and there]
Current thread:
- CVE Request -- python (SimpleXMLRPCServer): DoS (excessive CPU usage) via malformed XML-RPC / HTTP POST request Jan Lieskovsky (Feb 13)
- Re: CVE Request -- python (SimpleXMLRPCServer): DoS (excessive CPU usage) via malformed XML-RPC / HTTP POST request Kurt Seifried (Feb 13)
- Re: CVE Request -- python (SimpleXMLRPCServer): DoS (excessive CPU usage) via malformed XML-RPC / HTTP POST request Jan Lieskovsky (Feb 14)
- Re: CVE Request -- python (SimpleXMLRPCServer): DoS (excessive CPU usage) via malformed XML-RPC / HTTP POST request David Malcolm (Feb 14)
- Re: CVE Request -- python (SimpleXMLRPCServer): DoS (excessive CPU usage) via malformed XML-RPC / HTTP POST request Jan Lieskovsky (Feb 14)
- Re: CVE Request -- python (SimpleXMLRPCServer): DoS (excessive CPU usage) via malformed XML-RPC / HTTP POST request Kurt Seifried (Feb 13)