CVE-2016-0772 Ubuntu Security Notification for Python2.7, Python3.2, Python3.4, Python3.5 Vulnerabilities (USN-3134-1)

2016年11月29日 1200点热度 0人点赞 0条评论

漏洞类别：Ubuntu

漏洞等级：

漏洞信息

It was discovered that the smtplib library in Python did not return an error when StartTLS fails.

It was discovered that Python would not protect CGI applications from contents of the HTTP_PROXY environment variable when based on the contents of the Proxy header from HTTP requests.

An integer overflow in the zipimporter module in Python that could lead to a heap-based overflow.

It was discovered that the urllib modules in Python did not properly handle carriage return line feed (CRLF) in headers.

漏洞危害

A remote attacker could possibly use this to expose sensitive information. (CVE-2016-0772)

A remote attacker could possibly use this to cause a CGI application to redirect outgoing HTTP requests. (CVE-2016-1000110)

An attacker could use this to craft a special zip file that when read by Python could possibly execute arbitrary code. (CVE-2016-5636)

A remote attacker could use this to craft URLs that inject arbitrary HTTP headers. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5699)

解决方案

Refer to Ubuntu advisory USN-3134-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3134-1: 12.04 (Precise) on src (python3.2)

USN-3134-1: 12.04 (Precise) on src (libpython3.2)

USN-3134-1: 14.04 (Kylin) on src (libpython2.7)

USN-3134-1: 16.04 (Xenial) on src (libpython3.5-stdlib)

USN-3134-1: 12.04 (Precise) on src (python2.7)

USN-3134-1: 14.04 (Kylin) on src (python2.7)

USN-3134-1: 16.04 (Xenial) on src (python2.7)

USN-3134-1: 14.04 (Kylin) on src (python3.4)

USN-3134-1: 16.04 (Xenial) on src (libpython3.5-minimal)