CVE-2012-1150 - Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash valu

CVE-2012-1150

Summary

Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.

References

Vulnerable Configurations

cpe:2.3:a:python:python:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:1.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:1.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:1.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:1.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:1.6:*:*:*:*:*:*:*
cpe:2.3:a:python:python:1.6:*:*:*:*:*:*:*
cpe:2.3:a:python:python:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5.6:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5.6:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5.150:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5.150:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.4:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.5:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.6:*:*:*:*:*:*:*
cpe:2.3:a:python:python:-:*:*:*:*:*:*:*
cpe:2.3:a:python:python:-:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5.5:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.5.5:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.7:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.7:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.2150:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.6.6150:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*
cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*
cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*
cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*
cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*
cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*
cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*
cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 25-10-2019 - 11:53)
Impact:
Exploitability:

CWE

CWE-310

CAPEC

Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

redhat via4

advisories

bugzilla

id	803500
title	CVE-2011-4940 python: potential XSS in SimpleHTTPServer's list_directory()

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 6 is installed
oval oval:com.redhat.rhba:tst:20111656003

AND
comment python is earlier than 0:2.6.6-29.el6_2.2
oval oval:com.redhat.rhsa:tst:20120744001
comment python is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110554004

AND

comment python-devel is earlier than 0:2.6.6-29.el6_2.2
oval oval:com.redhat.rhsa:tst:20120744003
comment python-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110554006

AND
comment python-libs is earlier than 0:2.6.6-29.el6_2.2
oval oval:com.redhat.rhsa:tst:20120744005
comment python-libs is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110554008
AND
comment python-test is earlier than 0:2.6.6-29.el6_2.2
oval oval:com.redhat.rhsa:tst:20120744007
comment python-test is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110554010

AND

comment python-tools is earlier than 0:2.6.6-29.el6_2.2
oval oval:com.redhat.rhsa:tst:20120744009
comment python-tools is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110554012

AND
comment tkinter is earlier than 0:2.6.6-29.el6_2.2
oval oval:com.redhat.rhsa:tst:20120744011
comment tkinter is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110554014

rhsa

id	RHSA-2012:0744
released	2012-06-18
severity	Moderate
title	RHSA-2012:0744: python security update (Moderate)

bugzilla

id	803500
title	CVE-2011-4940 python: potential XSS in SimpleHTTPServer's list_directory()

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 5 is installed
oval oval:com.redhat.rhba:tst:20070331005

AND
comment python is earlier than 0:2.4.3-46.el5_8.2
oval oval:com.redhat.rhsa:tst:20120745001
comment python is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20091176002

AND

comment python-devel is earlier than 0:2.4.3-46.el5_8.2
oval oval:com.redhat.rhsa:tst:20120745003
comment python-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20091176004

AND
comment python-libs is earlier than 0:2.4.3-46.el5_8.2
oval oval:com.redhat.rhsa:tst:20120745005
comment python-libs is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20110027006

AND

comment python-tools is earlier than 0:2.4.3-46.el5_8.2
oval oval:com.redhat.rhsa:tst:20120745007
comment python-tools is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20091176006

AND
comment tkinter is earlier than 0:2.4.3-46.el5_8.2
oval oval:com.redhat.rhsa:tst:20120745009
comment tkinter is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20091176008

rhsa

id	RHSA-2012:0745
released	2012-06-18
severity	Moderate
title	RHSA-2012:0745: python security update (Moderate)

rpms

python-0:2.6.6-29.el6_2.2
python-debuginfo-0:2.6.6-29.el6_2.2
python-devel-0:2.6.6-29.el6_2.2
python-libs-0:2.6.6-29.el6_2.2
python-test-0:2.6.6-29.el6_2.2
python-tools-0:2.6.6-29.el6_2.2
tkinter-0:2.6.6-29.el6_2.2
python-0:2.4.3-46.el5_8.2
python-debuginfo-0:2.4.3-46.el5_8.2
python-devel-0:2.4.3-46.el5_8.2
python-libs-0:2.4.3-46.el5_8.2
python-tools-0:2.4.3-46.el5_8.2
tkinter-0:2.4.3-46.el5_8.2

refmap via4

apple	APPLE-SA-2013-10-22-3
confirm	http://bugs.python.org/issue13703 http://python.org/download/releases/2.6.8/ http://python.org/download/releases/2.7.3/ http://python.org/download/releases/3.1.5/ http://python.org/download/releases/3.2.3/ https://bugzilla.redhat.com/show_bug.cgi?id=750555
mlist	[oss-security] 20120309 Re: CVE Request: Python Hash DoS (Issue 13703) [python-dev] 20111229 Hash collision security issue (now public) [python-dev] 20120128 plugging the hash attack
secunia	50858 51087 51089
suse	openSUSE-SU-2020:0086
ubuntu	USN-1592-1 USN-1596-1 USN-1615-1 USN-1616-1

Last major update

25-10-2019 - 11:53

Published

05-10-2012 - 21:55

Last modified

25-10-2019 - 11:53