Your submission was sent successfully! Close

CVE-2012-0845

Published: 14 February 2012

SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header.

Priority

Low

Status

Package Release Status
python2.4
Launchpad, Ubuntu, Debian
hardy
Released (2.4.5-1ubuntu4.4)
lucid Does not exist

maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

upstream Needs triage

python2.5
Launchpad, Ubuntu, Debian
hardy
Released (2.5.2-2ubuntu6.2)
lucid Does not exist

maverick Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

upstream Needs triage

python2.6
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (2.6.5-1ubuntu6.1)
maverick Ignored
(reached end-of-life)
natty
Released (2.6.6-6ubuntu7.1)
oneiric
Released (2.6.7-4ubuntu1.1)
precise Does not exist

quantal Does not exist

upstream
Released (2.6.8)
python2.7
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

maverick Ignored
(reached end-of-life)
natty
Released (2.7.1-5ubuntu2.2)
oneiric
Released (2.7.2-5ubuntu1.1)
precise Not vulnerable
(2.7.3-0ubuntu3)
quantal Not vulnerable

upstream
Released (2.7.3)
python3.1
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid
Released (3.1.2-0ubuntu3.2)
maverick Ignored
(reached end-of-life)
natty
Released (3.1.3-1ubuntu1.2)
oneiric Does not exist

precise Does not exist

quantal Does not exist

upstream Needs triage

python3.2
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

maverick Does not exist

natty
Released (3.2-1ubuntu1.2)
oneiric
Released (3.2.2-0ubuntu1.1)
precise Not vulnerable
(3.2.3-0ubuntu3.1)
quantal Not vulnerable

upstream
Released (3.2.3)