Summary
Python is installed on this host and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow attackers to access sensitive information or cause a denial of service in a Python web application that processes URLs, via a specially crafted urllib open URL request.
Solution
Apply the patch from the link below:
http://hg.python.org/cpython/file/5937d2119a20/Lib/test/test_urllib2.py
*****
NOTE: Ignore this warning if the above-mentioned patch is already applied.
*****
Insight
The flaws are due to an error in handling the 'ftp://' and 'file://' URL schemes in the Python urllib and urllib2 extensible libraries when processing a urllib open URL request.
Affected
Python version 2.x before 2.7.2 and 3.x before 3.2.1
References
Severity
Classification
CVE: CVE-2011-1521
CVSS Base Score: 6.4
AV:N/AC:L/Au:N/C:P/I:N/A:P