CVE-2013-7040

Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictably and makes it easier for context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1150.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.openwall.com/lists/oss-security/2013/12/09/3
http://bugs.python.org/issue14621
http://www.openwall.com/lists/oss-security/2013/12/09/13
http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
https://support.apple.com/kb/HT205031	Vendor Advisory
http://www.securityfocus.com/bid/64194

Configurations

Configuration 1 (hide)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:a:python:python:3.3.2:::::::*
	cpe:2.3:a:python:python:3.3.3:::::::*
	cpe:2.3:a:python:python:3.3.3:rc1::::::
	cpe:2.3:a:python:python:3.2:::::::*
	cpe:2.3:a:python:python:3.2:alpha::::::
	cpe:2.3:a:python:python:3.2.5:::::::*
	cpe:2.3:a:python:python:3.1:::::::*
	cpe:2.3:a:python:python:3.0.1:::::::*
	cpe:2.3:a:python:python:2.7.1:::::::*
	cpe:2.3:a:python:python:2.7.5:::::::*
	cpe:2.3:a:python:python:2.7.6:::::::*
	cpe:2.3:a:python:python:3.3.5:-::::::
	cpe:2.3:a:python:python:3.3.3:rc2::::::
	cpe:2.3:a:python:python:3.1.1:::::::*
	cpe:2.3:a:python:python:3.3.1:rc1::::::
	cpe:2.3:a:python:python:3.2.2:::::::*
	cpe:2.3:a:python:python:3.3:::::::*
	cpe:2.3:a:python:python:3.2.2150:::::::*
	cpe:2.3:a:python:python:3.3.4:rc1::::::
	cpe:2.3:a:python:python:3.2.1:::::::*
	cpe:2.3:a:python:python:3.2.0:::::::*
	cpe:2.3:a:python:python:3.3.1:::::::*
	cpe:2.3:a:python:python:3.1.2:::::::*
	cpe:2.3:a:python:python:2.7.1150:::::::*
	cpe:2.3:a:python:python:2.7.1:rc1::::::
	cpe:2.3:a:python:python:3.3.4:::::::*
	cpe:2.3:a:python:python:2.7.2:rc1::::::
	cpe:2.3:a:python:python:2.7.7:::::::*
	cpe:2.3:a:python:python:3.3.0:::::::*
	cpe:2.3:a:python:python:2.7.2150:::::::*
	cpe:2.3:a:python:python:3.3:beta2::::::
	cpe:2.3:a:python:python:3.1.3:::::::*
	cpe:2.3:a:python:python:3.1.4:::::::*
	cpe:2.3:a:python:python:3.0:::::::*
	cpe:2.3:a:python:python:3.1.5:::::::*
	cpe:2.3:a:python:python:2.7.4:::::::*
	cpe:2.3:a:python:python:2.7.3:::::::*
	cpe:2.3:a:python:python:3.2.3:::::::*
	cpe:2.3:a:python:python:3.3.5:rc2::::::
	cpe:2.3:a:python:python:3.3.5:rc1::::::
	cpe:2.3:a:python:python:3.2.4:::::::*

Information

Published : 2014-05-19 07:55

Updated : 2019-10-25 04:53

NVD link : CVE-2013-7040

Mitre link : CVE-2013-7040

JSON object : View

CWE

CWE-310

Cryptographic Issues

Products Affected

apple

mac_os_x

python

python

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.openwall.com/lists/oss-security/2013/12/09/3", "name": "[oss-security] 20131209 CPython hash secret can be recoved remotely", "tags": [], "refsource": "MLIST"}, {"url": "http://bugs.python.org/issue14621", "name": "http://bugs.python.org/issue14621", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.openwall.com/lists/oss-security/2013/12/09/13", "name": "[oss-security] 20131209 Re: CPython hash secret can be recoved remotely", "tags": [], "refsource": "MLIST"}, {"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", "name": "APPLE-SA-2015-08-13-2", "tags": [], "refsource": "APPLE"}, {"url": "https://support.apple.com/kb/HT205031", "name": "https://support.apple.com/kb/HT205031", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/64194", "name": "64194", "tags": [], "refsource": "BID"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictably and makes it easier for context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1150."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-310"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2013-7040", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2014-05-19T14:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "10.10.4"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.3.3:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.3.5:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.3.3:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.3.1:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.3.4:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:2.7.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.3:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.3.5:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.3.5:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2019-10-25T11:53Z"}

4.3 /10