Am 16.01.2012 09:44, schrieb Christian Heimes:
Am 16.01.2012 09:18, schrieb Peter Otten:
I've taken a quick look into the suds source; the good news is that you have
to change a single method, reader.Reader.mangle(), to fix the problem with
hash stability.
However, I didn't see any code to deal with hash collisions at all.
It smells like suds is vulnerable to cache poisoning.
That it is, yes, at least partially. Generally, this is only relevant in
case you are actually caching DTDs (which is the default) and in case
you are querying untrusted SOAP-servers (in which case you'll most
likely/should not use caching anyway), and in case the attacker has
control over the URL namespace of a DTD-serving host (because the
host-part of the DTD URL is used in the cache filename, unhashed, only
the actual path is hashed to form the cache index).
The easier way to poison the cache is most probably through actual
traffic modification, as most DTD URLs are served through plain http and
thus are suspect to MitM-modifications, anyway.
--
--- Heiko.
--
http://mail.python.org/mailman/listinfo/python-list