Message152103
Python's socket module as included in Ubuntu Lucid (python version 2.6.5) does not correctly handle and exclude malformed UDP packets. This means that UDP listening programs written in python on this version are susceptible to malformed-UDP-packet based DoS attacks which cause severe CPU spikes in the python process. The spikes to recover once the attacks cease. If malformed UDP packets are properly identified in the library and excluded this will protect all UDP listening software written in python and using the standard sockets module from similar attacks. Currently all such software is vulnerable to such attacks. |
|
Date |
User |
Action |
Args |
2012-01-27 17:33:53 | johzimme | set | recipients:
+ johzimme |
2012-01-27 17:33:53 | johzimme | set | messageid: <1327685633.34.0.235701506916.issue13891@psf.upfronthosting.co.za> |
2012-01-27 17:33:52 | johzimme | link | issue13891 messages |
2012-01-27 17:33:52 | johzimme | create | |
|