Message 333709 - Python tracker

Message333709

Author	Talos
Recipients	Talos
Date	2019-01-15.16:24:28
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1547569468.87.0.514647021744.issue35746@roundup.psfhosted.org>
In-reply-to

Content
An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.

Content

An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.

History
Date	User	Action	Args
2019-01-15 16:24:33	Talos	set	recipients: + Talos
2019-01-15 16:24:28	Talos	set	messageid: <1547569468.87.0.514647021744.issue35746@roundup.psfhosted.org>
2019-01-15 16:24:28	Talos	link	issue35746 messages
2019-01-15 16:24:28	Talos	create