CVE-2013-1752

Impact: Moderate
Public Date: 2012-09-25
IAVA: 2014-B-0161
CWE: CWE-400
Bugzilla: 1046174: CVE-2013-1752 python: multiple unbound readline() DoS flaws in python stdlib

It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory.

Find out more about CVE-2013-1752 from the MITRE CVE dictionary and NIST NVD.
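
The unbounded read described above, next to a bounded one, as an added example (not code from the Python standard library or from Red Hat). `MAX_LINE`, `BUF_SIZE`, `NoNewlinePeer`, `connect` and the two reader functions are hypothetical names with assumed values, and the peer is a constructed in-memory stand-in for a server socket that never sends a newline.

```python
import io

MAX_LINE = 65536   # assumed per-line cap; pick one that suits the protocol
BUF_SIZE = 8192    # read-ahead buffer of the stand-in stream


class LineTooLong(Exception):
    """Raised when the peer sends more than MAX_LINE bytes without a newline."""


class NoNewlinePeer(io.RawIOBase):
    """Constructed stand-in for a server that sends `total` bytes and no newline."""

    def __init__(self, total):
        super().__init__()
        self.remaining = total
        self.served = 0            # bytes the client has pulled so far

    def readable(self):
        return True

    def readinto(self, buf):
        n = min(len(buf), self.remaining)
        buf[:n] = b"A" * n
        self.remaining -= n
        self.served += n
        return n                   # 0 signals EOF


def connect(total):
    """Return (peer, buffered reader), similar to what sock.makefile('rb') gives."""
    peer = NoNewlinePeer(total)
    return peer, io.BufferedReader(peer, buffer_size=BUF_SIZE)


def read_line_unbounded(fp):
    # Flawed pattern: the peer decides how much memory this call allocates.
    return fp.readline()


def read_line_bounded(fp, max_line=MAX_LINE):
    # Bounded pattern: request one byte more than allowed, reject if it arrives.
    line = fp.readline(max_line + 1)
    if len(line) > max_line:
        raise LineTooLong("more than %d bytes without a newline" % max_line)
    return line
```

With the bounded reader the client stops pulling data shortly after the cap, so the bytes held in memory stay within `MAX_LINE` plus one read-ahead buffer regardless of what the peer sends.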

Statement

Red Hat JBoss SOA Platform 5 is now in Maintenance Support phase receiving only qualified Important and Critical impact security fixes; and Red Hat JBoss SOA Platform 4.3 is now in Extended Life Support phase receiving only Critical impact security fixes. This issue has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat JBoss Middleware Product Life Cycle: https://access.redhat.com/support/policy/updates/jboss_notes/

CVSS v2 metrics

NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.

Base Score: 4.3
Base Metrics: AV:N/AC:M/Au:N/C:N/I:N/A:P
Access Vector: Network
Access Complexity: Medium
Authentication: None
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform | Errata | Release Date
Red Hat Software Collections for Red Hat Enterprise Linux version 6 | RHSA-2015:1064 | 2015-06-04
Red Hat Enterprise Linux version 7 (python) | RHSA-2015:2101 | 2015-11-19
Red Hat Software Collections for Red Hat Enterprise Linux version 7 | RHSA-2015:1064 | 2015-06-04
Red Hat Enterprise Linux version 6 (python) | RHSA-2015:1330 | 2015-07-20

Affected Packages State

Platform | Package | State
Red Hat Enterprise Linux 7 | redhat-support-lib-python | Will not fix
Red Hat Enterprise Linux 6 | redhat-support-lib-python | Will not fix
Red Hat Enterprise Linux 5 | redhat-support-lib-python | Will not fix
Red Hat Enterprise Linux 6 | jython | Will not fix
Red Hat Enterprise Linux 5 | python | Will not fix