Bug 1245200 (CVE-2015-5159) - CVE-2015-5159 python-kdcproxy: Missing request size limit allows denial of service
Summary: CVE-2015-5159 python-kdcproxy: Missing request size limit allows denial of se...
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2015-5159
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: low
Severity: low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1249762 1245221 1245222 1245223
Blocks: 1222950 1245256
Reported: 2015-07-21 12:59 UTC by Florian Weimer
Modified: 2019-09-29 13:35 UTC
CC List: 6 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-09-19 08:11:06 UTC


Description Florian Weimer 2015-07-21 12:59:00 UTC
It was discovered that python-kdcproxy did not reject overly large POST
requests in the recommended default configuration, allocating arbitrary
amounts of memory, eventually triggering the OOM killer, leading to a
denial of service.

Acknowledgements:

This issue was discovered by Florian Weimer of Red Hat Product Security.

Comment 1 Florian Weimer 2015-07-21 13:56:10 UTC
Mitigation:

Add “LimitRequestBody 100000” to the <Location> stanza, like this:

    <Location "/KdcProxy">
        Satisfy Any
        Order Deny,Allow
        Allow from all
        WSGIProcessGroup kdcproxy
        WSGIApplicationGroup kdcproxy
        LimitRequestBody 100000
    </Location>
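
The mitigation above caps request bodies at the web server, before mod_wsgi hands the request to the application. Where that cannot be relied on (a different front end, or as defence in depth), the same cap can be enforced inside the WSGI stack. The following is an added example, not kdcproxy's own code or its upstream fix: a WSGI middleware that rejects oversized bodies with 413 without ever buffering more than the limit, beside the unbounded read pattern that this bug is about. The echo application, the helper names and the 100000-byte limit (taken from the LimitRequestBody value above) are assumptions made for illustration.

```python
import io

# Byte cap for one proxied KDC request. 100000 mirrors the LimitRequestBody
# value in the mitigation; it is an assumed figure, not one from kdcproxy.
MAX_BODY = 100000


def unbounded_read(environ):
    """The pattern behind this bug: read whatever the client sends.

    A client that streams gigabytes gets every byte buffered in the worker;
    nothing here caps the allocation.
    """
    return environ["wsgi.input"].read()


def bounded_read(environ, limit=MAX_BODY):
    """Return the request body, or None if the request must be rejected.

    Two checks: the declared Content-Length (cheap, catches honest clients
    early) and a capped read of the stream (catches a missing or lying
    Content-Length, since at most limit + 1 bytes are ever buffered).
    """
    raw = (environ.get("CONTENT_LENGTH") or "").strip()
    if raw:
        try:
            declared = int(raw)
        except ValueError:
            return None          # malformed header: reject, do not guess
        if declared < 0 or declared > limit:
            return None
    data = environ["wsgi.input"].read(limit + 1)
    if len(data) > limit:
        return None              # body longer than declared, or undeclared and too long
    return data


class BodyLimit:
    """WSGI middleware that answers 413 before the wrapped app sees the body."""

    def __init__(self, app, limit=MAX_BODY):
        self.app = app
        self.limit = limit

    def __call__(self, environ, start_response):
        body = bounded_read(environ, self.limit)
        if body is None:
            start_response("413 Request Entity Too Large",
                           [("Content-Type", "text/plain"),
                            ("Content-Length", "0")])
            return [b""]
        # Hand the wrapped app a fresh stream with a trustworthy length.
        environ["wsgi.input"] = io.BytesIO(body)
        environ["CONTENT_LENGTH"] = str(len(body))
        return self.app(environ, start_response)


def echo_app(environ, start_response):
    """Hypothetical stand-in for the proxied application (not kdcproxy)."""
    body = environ["wsgi.input"].read()
    start_response("200 OK", [("Content-Type", "application/octet-stream"),
                              ("Content-Length", str(len(body)))])
    return [body]


def make_environ(body, content_length="auto"):
    """Constructed WSGI environ for a POST; content_length=None omits the header."""
    environ = {
        "REQUEST_METHOD": "POST",
        "PATH_INFO": "/KdcProxy",
        "wsgi.input": io.BytesIO(body),
    }
    if content_length == "auto":
        environ["CONTENT_LENGTH"] = str(len(body))
    elif content_length is not None:
        environ["CONTENT_LENGTH"] = content_length
    return environ


def call(app, environ):
    """Run one request through a WSGI app; return (status, body bytes)."""
    seen = {}

    def start_response(status, headers, exc_info=None):
        seen["status"] = status
        seen["headers"] = headers

    body = b"".join(app(environ, start_response))
    return seen["status"], body


if __name__ == "__main__":
    app = BodyLimit(echo_app)
    print(call(app, make_environ(b"x" * 10))[0])                       # 200 OK
    print(call(app, make_environ(b"x" * (MAX_BODY + 1)))[0])           # 413 ...
    # Declared 10 bytes, sent far more: the capped read still catches it.
    print(call(app, make_environ(b"x" * (MAX_BODY + 500), "10"))[0])   # 413 ...
    print(len(unbounded_read(make_environ(b"x" * (MAX_BODY + 500)))))  # MAX_BODY + 500
```

The capped `read(limit + 1)` is what makes the check robust: a client that omits or understates Content-Length cannot push the worker past the limit, and the middleware never allocates more than the limit plus one byte per request. A server-side `LimitRequestBody` remains the better first line, since it drops the request before any Python code runs.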

Comment 3 Florian Weimer 2015-07-21 14:02:35 UTC
Created python-kdcproxy tracking bugs for this issue:

Affects: fedora-all [bug 1245223]

Comment 4 Florian Weimer 2015-07-21 14:11:13 UTC
Upstream bug report: https://github.com/npmccallum/kdcproxy/issues/20

Comment 6 Stefan Cornelius 2015-08-03 18:02:32 UTC
Created python-kdcproxy tracking bugs for this issue:

Affects: epel-7 [bug 1249762]
