CVE - CVE-2012-0845

CVE-ID
CVE-2012-0845	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
APPLE:APPLE-SA-2013-10-22-3 URL:http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html CONFIRM:http://bugs.python.org/issue14001 CONFIRM:http://python.org/download/releases/2.6.8/ CONFIRM:http://python.org/download/releases/2.7.3/ CONFIRM:http://python.org/download/releases/3.1.5/ CONFIRM:http://python.org/download/releases/3.2.3/ CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=789790 MLIST:[oss-security] 20120213 Re: CVE Request -- python (SimpleXMLRPCServer): DoS (excessive CPU usage) via malformed XML-RPC / HTTP POST request URL:http://www.openwall.com/lists/oss-security/2012/02/13/4 SECTRACK:1026689 URL:http://www.securitytracker.com/id?1026689 SECUNIA:50858 URL:http://secunia.com/advisories/50858 SECUNIA:51024 URL:http://secunia.com/advisories/51024 SECUNIA:51040 URL:http://secunia.com/advisories/51040 SECUNIA:51087 URL:http://secunia.com/advisories/51087 SECUNIA:51089 URL:http://secunia.com/advisories/51089 SUSE:openSUSE-SU-2020:0086 URL:http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html UBUNTU:USN-1592-1 URL:http://www.ubuntu.com/usn/USN-1592-1 UBUNTU:USN-1596-1 URL:http://www.ubuntu.com/usn/USN-1596-1 UBUNTU:USN-1613-1 URL:http://www.ubuntu.com/usn/USN-1613-1 UBUNTU:USN-1613-2 URL:http://www.ubuntu.com/usn/USN-1613-2 UBUNTU:USN-1615-1 URL:http://www.ubuntu.com/usn/USN-1615-1 UBUNTU:USN-1616-1 URL:http://www.ubuntu.com/usn/USN-1616-1
Assigning CNA
Red Hat, Inc.
Date Record Created
20120119	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20120119)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)