CVE-2013-1752 — Uncontrolled Resource Consumption in Vmware Vcenter Server

CWE-400 — Uncontrolled Resource Consumption11 documents5 sources

Severity

7.5HIGHOSV

No vector

EPSS

No EPSS data

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware Esxi Vmware Vcenter Server Vmware Vsphere

Timeline

PublishedJun 25

Description

Title: Python vulnerabilities Summary: Several security issues were fixed in Python. It was discovered that multiple Python protocol libraries incorrectly limited certain data when connecting to servers. A malicious ftp, http, imap, nntp, pop or smtp server could use this issue to cause a denial of service. (CVE-2013-1752) It was discovered that the Python xmlrpc library did not limit unpacking gzip-compressed HTTP bodies. A malicious server could use this issue to cause a denial of service. …

Affected Packages3 packages

▶vmwarevmware/vmware_vcenter_server

▶vmwarevmware/vmware_esxi

▶vmwarevmware/vmware_vsphere

🔴Vulnerability Details

OSV

python2.7, python3.2, python3.4 vulnerabilities↗2015-06-25

▶

📋Vendor Advisories

Ubuntu

Python vulnerabilities↗2015-06-25

▶

VMware

VMware vSphere product updates address security vulnerabilities↗2014-12-04

▶

Red Hat

python: multiple unbound readline() DoS flaws in python stdlib↗2012-09-25

▶

💬Community

Bugzilla

CVE-2013-1752 python26: python: multiple unbound readline() DoS flaws in python stdlib [epel-5]↗2014-11-26

▶

Bugzilla

CVE-2013-1752 python3: python: multiple unbound readline() DoS flaws in python stdlib [fedora-all]↗2014-11-26

▶

Bugzilla

CVE-2013-1752 python: multiple unbound readline() DoS flaws in python stdlib [fedora-all]↗2014-10-31

▶

Bugzilla

CVE-2013-1752 jython: python: multiple unbound readline() DoS flaws in python stdlib [epel-5]↗2014-10-31

▶

Bugzilla

CVE-2013-1752 jython: python: multiple unbound readline() DoS flaws in python stdlib [epel-7]↗2014-10-31

▶