Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2013-4346

Опубликовано: 20 мая 2014
Источник: debian

Описание

The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
python-oauth2removedpackage
python-oauth2no-dsawheezypackage

Примечания

  • https://www.openwall.com/lists/oss-security/2013/09/12/5

  • https://github.com/simplegeo/python-oauth2/issues/129

Связанные уязвимости

ubuntu логотип

CVE-2013-4346

ubuntu
больше 11 лет назад

The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL.

redhat логотип

CVE-2013-4346

redhat
около 13 лет назад

The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL.

nvd логотип

CVE-2013-4346

nvd
больше 11 лет назад

The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL.

github логотип

GHSA-4433-4cxq-vv73

CVSS3: 7.5
github
больше 3 лет назад

SimpleGeo python-oauth2 does not check the nonce allowing replay attacks