Python Multiple Vulnerabilities (Windows) Network Vulnerability

Summary

This host is installed with Python and is prone to multiple vulnerabilities.

Impact

Successful exploitation could allows attackers to access sensitive information or cause a denial of service of a Python web application, processing URLs, via a specially-crafted urllib open URL request.

Solution

Apply the patch from below link, http://hg.python.org/cpython/file/5937d2119a20/Lib/test/test_urllib2.py ***** NOTE: Ignore this warning if above mentioned patch is already applied. *****

Insight

The flaws are due to error in handling 'ftp://' and 'file://' URL schemes in the Python urllib and urllib2 extensible libraries processed the urllib open URL request.

Affected

Python version 2.x before 2.7.2 and 3.x before 3.2.1

References

http://bugs.python.org/issue11662
http://openwall.com/lists/oss-security/2011/03/24/5
https://bugzilla.redhat.com/show_bug.cgi?id=690560

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1521
CVSS Base Score: 6.4
AV:N/AC:L/Au:N/C:P/I:N/A:P

Related Vulnerabilities

Apple iTunes Multiple Vulnerabilities - Apr10
Apache Tomcat Multiple Vulnerabilities - 03 Mar14
Apple Mac OS X Authentication Bypass Vulnerability
Aardvark Topsites Multiple Vulnerabilities
Adobe Reader Unspecified Vulnerability (Windows)

Take action and discover your vulnerabilities