|Bugzilla:||963260: CVE-2013-2099 python: ssl.match_hostname() DoS via certificates with specially crafted hostname wildcard patterns|
A denial of service flaw was found in the way Python's SSL module implementation performed matching of certain certificate names. A remote attacker able to obtain a valid certificate that contained multiple wildcard characters could use this flaw to issue a request to validate such a certificate, resulting in excessive consumption of CPU.
Not vulnerable. This issue did not affect the versions of python as shipped with Red Hat Enterprise Linux 5 and 6 as the SSL module there did not implement the match_hostname() routine yet.
Red Hat security errata
|Red Hat Common for RHEL Client version 6||RHSA-2015:0042||January 13, 2015|
|Red Hat Enterprise Linux OpenStack Platform 4.0 (python-backports-ssl_match_hostname)||RHSA-2014:1690||October 22, 2014|
|Red Hat Storage Native Client for Red Hat Enterprise Linux 6 (glusterfs)||RHSA-2014:1263||September 18, 2014|
|Red Hat Storage Server 2.1||RHSA-2014:1263||September 18, 2014|
This issue was discovered by Florian Weimer of the Red Hat Product Security Team.
This page is generated automatically and has not been checked for errors or omissions.