Bug 835496 - (CVE-2012-2639) CVE-2012-2639 python (SimpleHTTPServer): XSS attacks against Internet Explorer 7 via UTF-7 encoding
Status: CLOSED DUPLICATE of bug 803500
Product: Security Response
Classification: Other
Component: vulnerability
unspecified
All Linux
medium Severity medium
Assigned To: Red Hat Product Security
impact=moderate,public=20110308,repor...
: Security
Blocks: 835499
Reported: 2012-06-26 07:06 EDT by Jan Lieskovsky
Modified: 2016-03-04 06:43 EST
Doc Type: Bug Fix
Last Closed: 2012-06-26 08:35:12 EDT
Description Jan Lieskovsky 2012-06-26 07:06:11 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2012-2639 to the following vulnerability:

The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer 7 via UTF-7 encoding.

References:
[1] http://bugs.python.org/issue11442
[2] http://jvn.jp/en/jp/JVN51176027/index.html
[3] http://jvndb.jvn.jp/jvndb/JVNDB-2012-000063

Relevant upstream patch:
[4] http://hg.python.org/cpython/rev/e9724d7abbc2
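
A check for the condition the CVE text describes, added here as an example (it is not code from the Python project or from this bug report): it tests whether a Content-Type value names a charset, then probes the directory listing served by the running interpreter's own `http.server`, the Python 3 name of SimpleHTTPServer. The function names are hypothetical and the header strings in the demo are constructed samples.

```python
import http.client
import http.server
import tempfile
import threading
from email.message import Message
from functools import partial


def declared_charset(content_type):
    """Return the charset parameter of a Content-Type value, or None if absent."""
    if not content_type:
        return None
    msg = Message()
    msg["Content-Type"] = content_type
    return msg.get_param("charset")


def leaves_encoding_to_browser(content_type):
    """True when an HTML response (or one with no type at all) names no charset."""
    if not content_type:
        return True
    msg = Message()
    msg["Content-Type"] = content_type
    return msg.get_content_type() == "text/html" and msg.get_param("charset") is None


def listing_content_type():
    """Serve an empty temp directory on loopback; return its listing's Content-Type."""
    with tempfile.TemporaryDirectory() as root:
        handler = partial(http.server.SimpleHTTPRequestHandler, directory=root)
        with http.server.ThreadingHTTPServer(("127.0.0.1", 0), handler) as srv:
            threading.Thread(target=srv.serve_forever, daemon=True).start()
            try:
                conn = http.client.HTTPConnection("127.0.0.1", srv.server_port, timeout=5)
                conn.request("GET", "/")
                resp = conn.getresponse()
                resp.read()
                conn.close()
                return resp.getheader("Content-Type")
            finally:
                srv.shutdown()


if __name__ == "__main__":
    # Constructed header values: the shape the CVE describes, then one with a charset.
    for value in ("text/html", "text/html; charset=utf-8"):
        print(repr(value), "-> browser must guess:", leaves_encoding_to_browser(value))
    live = listing_content_type()
    print("this interpreter's listing:", live, "->", declared_charset(live))
```
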
Comment 1 Jan Lieskovsky 2012-06-26 07:09:17 EDT
This issue did NOT affect the version of the python package, as shipped
with Red Hat Enterprise Linux 5.

--

This issue did NOT affect the version of the python package, as shipped
with Red Hat Enterprise Linux 6.

--

This issue did NOT affect the versions of the python package, as shipped
with Fedora releases 16 and 17.

This issue did NOT affect the version of the python26 package, as shipped
with Fedora EPEL 5.

This issue did NOT affect the versions of the python3 package, as shipped
with Fedora releases 16 and 17.
Comment 2 Thomas Spura 2012-06-26 07:32:20 EDT
This is a duplicate of CVE-2011-4940, described in bug #803500 and seems to be addressed already:
https://rhn.redhat.com/errata/RHSA-2012-0744.html

(I cannot access the possible rhel6 security bug, which this depends on.)
Comment 3 Jan Lieskovsky 2012-06-26 08:31:35 EDT
(In reply to comment #2)
> This is a duplicate of CVE-2011-4940, described in bug #803500

Thanks Thomas, you are right (I had the impression I had seen this somewhere already). Will request CVE-2012-2639 id rejection then.

> and seems to
> be addressed already:
> https://rhn.redhat.com/errata/RHSA-2012-0744.html
> 
> (I cannot access the possible rhel6 security bug, which this depends on.)

And due to the corrected RHEL-6 packages, you were correct too. I have checked python-2.6.5-3.el6_0.2 before, which doesn't contain the fix yet, but obviously those from RHSA-2012-0744 (python-2.6.6-29.el6_2.2) contain it already.
Comment 4 Jan Lieskovsky 2012-06-26 08:35:12 EDT

*** This bug has been marked as a duplicate of bug 803500 ***
