CVE-2019-9740

MEDIUM

Description

An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command.

References

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html

http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html

http://www.securityfocus.com/bid/107466

https://access.redhat.com/errata/RHSA-2019:1260

https://access.redhat.com/errata/RHSA-2019:2030

https://bugs.python.org/issue36276

https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html

https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html

https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/

https://lists.fedoraproject.org/archives/list/[email protected]/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/

https://lists.fedoraproject.org/archives/list/[email protected]/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/

https://lists.fedoraproject.org/archives/list/[email protected]/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/

https://seclists.org/bugtraq/2019/Oct/29

https://security.netapp.com/advisory/ntap-20190619-0005/

https://usn.ubuntu.com/4127-1/

https://usn.ubuntu.com/4127-2/

Details

Source: MITRE

Published: 2019-03-13

Updated: 2019-05-28

Type: CWE-93

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Impact Score: 2.7

Exploitability Score: 2.8

Severity: MEDIUM

Tenable Plugins

View all (41 total)

ID	Name	Product	Family	Severity
134741	EulerOS Virtualization 3.0.2.2 : python (EulerOS-SA-2020-1275)	Nessus	Huawei Local Security Checks	medium
134603	GLSA-202003-26 : Python: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	medium
134501	EulerOS Virtualization for ARM 64 3.0.2.0 : python (EulerOS-SA-2020-1212)	Nessus	Huawei Local Security Checks	medium
132508	NewStart CGSL CORE 5.05 / MAIN 5.05 : python Multiple Vulnerabilities (NS-SA-2019-0229)	Nessus	NewStart CGSL Local Security Checks	medium
132188	EulerOS 2.0 SP3 : python (EulerOS-SA-2019-2653)	Nessus	Huawei Local Security Checks	medium
131596	EulerOS 2.0 SP2 : python (EulerOS-SA-2019-2442)	Nessus	Huawei Local Security Checks	medium
131244	Amazon Linux AMI : python34 (ALAS-2019-1324)	Nessus	Amazon Linux Local Security Checks	medium
130797	Fedora 29 : python35 (2019-d202cda4f8)	Nessus	Fedora Local Security Checks	medium
130793	Fedora 30 : python35 (2019-b06ec6159b)	Nessus	Fedora Local Security Checks	medium
130784	Fedora 31 : python35 (2019-57462fa10d)	Nessus	Fedora Local Security Checks	medium
130701	EulerOS 2.0 SP3 : python-urllib3 (EulerOS-SA-2019-2239)	Nessus	Huawei Local Security Checks	medium
130687	EulerOS 2.0 SP5 : python (EulerOS-SA-2019-2225)	Nessus	Huawei Local Security Checks	medium
130548	RHEL 8 : python3 (RHSA-2019:3520)	Nessus	Red Hat Local Security Checks	medium
130527	RHEL 8 : python27:2.7 (RHSA-2019:3335)	Nessus	Red Hat Local Security Checks	high
130079	Slackware 14.0 / 14.1 / 14.2 / current : python (SSA:2019-293-01)	Nessus	Slackware Local Security Checks	medium
129884	NewStart CGSL CORE 5.04 / MAIN 5.04 : python Multiple Vulnerabilities (NS-SA-2019-0187)	Nessus	NewStart CGSL Local Security Checks	medium
128865	openSUSE Security Update : python-urllib3 (openSUSE-2019-2133)	Nessus	SuSE Local Security Checks	medium
128864	openSUSE Security Update : python-urllib3 (openSUSE-2019-2131)	Nessus	SuSE Local Security Checks	medium
128631	Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : python2.7, python3.5, python3.6, python3.7 vulnerabilities (USN-4127-1)	Nessus	Ubuntu Local Security Checks	medium
128333	CentOS 7 : python (CESA-2019:2030)	Nessus	CentOS Local Security Checks	medium
128254	Scientific Linux Security Update : python on SL7.x x86_64 (20190806)	Nessus	Scientific Linux Local Security Checks	medium
127651	RHEL 7 : python (RHSA-2019:2030)	Nessus	Red Hat Local Security Checks	medium
127127	Ansible Tower 3.3.x < 3.3.6 / 3.4.x < 3.4.4 / 3.5.x < 3.5.1 CRLF Vulnerability	Nessus	CGI abuses	medium
127071	Amazon Linux AMI : python35 (ALAS-2019-1243)	Nessus	Amazon Linux Local Security Checks	medium
127070	Amazon Linux AMI : python34 (ALAS-2019-1242)	Nessus	Amazon Linux Local Security Checks	medium
126959	Amazon Linux 2 : python3 (ALAS-2019-1247)	Nessus	Amazon Linux Local Security Checks	medium
126667	FreeBSD : python 3.7 -- multiple vulnerabilities (a449c604-a43a-11e9-b422-fcaa147e860e)	Nessus	FreeBSD Local Security Checks	medium
126659	Fedora 29 : python36 (2019-7df59302e0)	Nessus	Fedora Local Security Checks	medium
126658	Fedora 30 : python36 (2019-7723d4774a)	Nessus	Fedora Local Security Checks	medium
126534	FreeBSD : python 3.6 -- multiple vulnerabilities (18ed9650-a1d6-11e9-9b17-fcaa147e860e)	Nessus	FreeBSD Local Security Checks	medium
126346	Amazon Linux AMI : python27 (ALAS-2019-1230)	Nessus	Amazon Linux Local Security Checks	medium
126285	EulerOS 2.0 SP8 : python3 (EulerOS-SA-2019-1658)	Nessus	Huawei Local Security Checks	medium
126284	EulerOS 2.0 SP8 : python2 (EulerOS-SA-2019-1657)	Nessus	Huawei Local Security Checks	medium
126223	Debian DLA-1835-2 : python3.4 regression update	Nessus	Debian Local Security Checks	medium
126222	Debian DLA-1834-1 : python2.7 security update	Nessus	Debian Local Security Checks	medium
126201	Photon OS 1.0: Python3 PHSA-2019-1.0-0237	Nessus	PhotonOS Local Security Checks	high
126200	Photon OS 1.0: Python2 PHSA-2019-1.0-0237	Nessus	PhotonOS Local Security Checks	high
126123	Photon OS 1.0: Python2 PHSA-2019-1.0-0236	Nessus	PhotonOS Local Security Checks	high
125604	Amazon Linux AMI : python36 (ALAS-2019-1204)	Nessus	Amazon Linux Local Security Checks	medium
125434	Fedora 29 : python3 (2019-ec26883852)	Nessus	Fedora Local Security Checks	medium
125229	Fedora 30 : python3 (2019-1ffd6b6064)	Nessus	Fedora Local Security Checks	medium