[ python-Bugs-1473048 ] SimpleXMLRPCServer responds to any path
SourceForge.net
noreply at sourceforge.net
Wed Apr 26 14:42:59 CEST 2006
Bugs item #1473048, was opened at 2006-04-19 11:45
Message generated for change (Comment added) made by akuchling
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=105470&aid=1473048&group_id=5470
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Python Library
Group: None
Status: Open
Resolution: None
Priority: 5
Submitted By: A.M. Kuchling (akuchling)
Assigned to: Nobody/Anonymous (nobody)
Summary: SimpleXMLRPCServer responds to any path
Initial Comment:
SimpleXMLRPCServer and DocXMLRPCServer don't look at
the path of the HTTP request at all; you can POST or
GET from / or /RPC2 or /blahblahblah with the same results.
One minor problem with this liberality is that a
security scanner that looks for vulnerable scripts such
as /cgi-bin/phf will report the server as vulnerable.
Nessus, for example, reports dozens of security holes
on a SimpleXMLRPCServer for this reason.
Fix: add a check that only allows '/' or '/RPC2' (maybe
just /RPC2?).
----------------------------------------------------------------------
>Comment By: A.M. Kuchling (akuchling)
Date: 2006-04-26 08:42
Message:
Logged In: YES
user_id=11375
The attached patch adds a .rpc_paths attribute that's a
tuple of legal paths, and a .is_rpc_path_valid() method that
returns True if a path is OK.
A .report_404() method generates a 404 error message, and
SimpleXMLRPCServer and DocXMLRPCServer are modified to check
for legal paths. (Perhaps it should be ._report_404?)
----------------------------------------------------------------------
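The check the comment above describes, written out as an added example: this is my own code, not the patch attached to the bug, and the handler, server wiring and probe requests below are all assumptions. It builds a handler on BaseHTTPRequestHandler with an rpc_paths tuple, an is_rpc_path_valid() method and a report_404() method, hands legal requests to the server's dispatcher, and then starts the server on an ephemeral localhost port and probes it with constructed requests: the two legal paths, a scanner-style path like /cgi-bin/phf, and a random path. The scanner-style probes get a 404 instead of an XML-RPC reply, which is exactly what stops a scanner from reporting every probed script as present.

```python
# Added example (not the patch attached to this bug report): a request
# handler that accepts XML-RPC only on a whitelist of paths and answers 404
# elsewhere, in the shape the comment describes (rpc_paths,
# is_rpc_path_valid(), report_404()). Names and wiring here are assumed.
import threading
from http.client import HTTPConnection
from http.server import BaseHTTPRequestHandler
from xmlrpc.client import dumps, loads
from xmlrpc.server import SimpleXMLRPCServer


class PathCheckingHandler(BaseHTTPRequestHandler):
    # The two paths the report proposes allowing.
    rpc_paths = ("/", "/RPC2")

    def is_rpc_path_valid(self):
        # Exact match: "/RPC2/" or "/RPC2?x=1" are not legal either, and a
        # scanner probing "/cgi-bin/phf" gets a 404 instead of an RPC reply.
        return self.path in self.rpc_paths

    def report_404(self):
        body = b"No such page"
        self.send_response(404)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def do_POST(self):
        # Drain the body first so the connection closes cleanly either way.
        data = self.rfile.read(int(self.headers.get("Content-Length", 0)))
        if not self.is_rpc_path_valid():
            self.report_404()
            return
        # SimpleXMLRPCServer is also a SimpleXMLRPCDispatcher; _marshaled_dispatch
        # is the (private, but long-standing) entry point its own handler uses.
        response = self.server._marshaled_dispatch(data)
        self.send_response(200)
        self.send_header("Content-Type", "text/xml")
        self.send_header("Content-Length", str(len(response)))
        self.end_headers()
        self.wfile.write(response)

    def do_GET(self):
        # GET gets the same path check; a legal path still needs POST.
        if not self.is_rpc_path_valid():
            self.report_404()
            return
        self.send_error(405, "XML-RPC requires POST")

    def log_message(self, fmt, *args):
        pass  # keep the demo quiet


def probe(addr, method, path, body=None):
    """Send one request to the local test server; return (status, body)."""
    conn = HTTPConnection(*addr)
    conn.request(method, path, body=body, headers={"Content-Type": "text/xml"})
    resp = conn.getresponse()
    data = resp.read()
    conn.close()
    return resp.status, data


def run_demo():
    """Start a server on an ephemeral port and probe it with constructed
    requests: two legal paths, a scanner-style path and a random path."""
    server = SimpleXMLRPCServer(("127.0.0.1", 0),
                                requestHandler=PathCheckingHandler,
                                logRequests=False)
    server.register_function(lambda a, b: a + b, "add")
    threading.Thread(target=server.serve_forever, daemon=True).start()
    addr = server.server_address
    call = dumps((2, 3), methodname="add").encode()
    try:
        status, body = probe(addr, "POST", "/RPC2", call)
        results = {
            "POST /RPC2": status,
            "add(2, 3) via /RPC2": loads(body)[0][0],
            "POST /": probe(addr, "POST", "/", call)[0],
            "POST /cgi-bin/phf": probe(addr, "POST", "/cgi-bin/phf", call)[0],
            "GET /blahblahblah": probe(addr, "GET", "/blahblahblah")[0],
            "GET /RPC2": probe(addr, "GET", "/RPC2")[0],
        }
    finally:
        server.shutdown()
        server.server_close()
    return results


if __name__ == "__main__":
    for label, status in run_demo().items():
        print(f"{label}: {status}")
```

The comparison is an exact match against the tuple, so anything with a trailing slash or query string is also rejected; if a deployment needs those, normalise the path before the check rather than loosening the tuple. A DocXMLRPCServer-style handler would apply the same is_rpc_path_valid() check in do_GET before serving documentation.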