Bug 1245200 (CVE-2015-5159) - CVE-2015-5159 python-kdcproxy: Missing request size limit allows denial of service
Summary: CVE-2015-5159 python-kdcproxy: Missing request size limit allows denial of se...
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2015-5159
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1245221 1245222 1245223 1249762
Blocks: 1222950 1245256
TreeView+ depends on / blocked
 
Reported: 2015-07-21 12:59 UTC by Florian Weimer
Modified: 2023-05-12 10:41 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-09-19 08:11:06 UTC
Embargoed:

Attachments (Terms of Use)

Description Florian Weimer 2015-07-21 12:59:00 UTC 
It was discovered that python-kdcproxy did not reject overly large POST
requests in the recommend default configuration, allocating arbitrary
amounts of memory, eventually triggering the OOM killer, leading to a
denial of service.

Acknowledgements:

This issue was discovered by Florian Weimer of Red Hat Product Security.
Comment 1 Florian Weimer 2015-07-21 13:56:10 UTC 
Mitigation:

Add “LimitRequestBody 100000” to the <Location> stanza, like this:

    <Location "/KdcProxy">
        Satisfy Any
        Order Deny,Allow
        Allow from all
        WSGIProcessGroup kdcproxy
        WSGIApplicationGroup kdcproxy
        LimitRequestBody 100000
    </Location>
Comment 3 Florian Weimer 2015-07-21 14:02:35 UTC 
Created python-kdcproxy tracking bugs for this issue:

Affects: fedora-all [bug 1245223]
Comment 4 Florian Weimer 2015-07-21 14:11:13 UTC 
Upstream bug report: https://github.com/npmccallum/kdcproxy/issues/20
Comment 6 Stefan Cornelius 2015-08-03 18:02:32 UTC 
Created python-kdcproxy tracking bugs for this issue:

Affects: epel-7 [bug 1249762]
Comment 7 Stefan Cornelius 2015-08-04 07:52:12 UTC 
Upstream patches:
https://github.com/npmccallum/kdcproxy/commit/f274aa6787cb8b3ec1cc12c440a56665b7231882
and
https://github.com/npmccallum/kdcproxy/commit/5edbbeb7f950ed9db60b11f0fdce1ec96194f761
Note You need to log in before you can comment on or make changes to this bug.