[New-bugs-announce] [issue45795] urllib http client vulnerable to DOS attack
Muhammad Farhan
report at bugs.python.org
Fri Nov 12 10:55:25 EST 2021
New submission from Muhammad Farhan <farhankhursheed2018 at gmail.com>:
Hi, During my recent tests I have discovered that the urllib http client (urllib.request.urlopen()) is vulnerable to DOS attack using a simple but effective trick.
I am attaching a file named server.py download it and run it using latest version of python. After running it execute the following python code in python interactive mode. (python -i)
import urllib.request
request = urllib.request.Request('http://127.0.0.1:1338')
response = urllib.request.urlopen(req, timeout=1)
DOS limit: We can achieve DOS for unlimited time.
How to fix?
Implement a good logic for timeout in urllib.request.urlopen(url, timeout). Timeout value should not be reset after client receives a data(bytes), because it can easily be abused to achieve DOS.
----------
components: Library (Lib)
files: server.py
messages: 406220
nosy: haqsek2
priority: normal
severity: normal
status: open
title: urllib http client vulnerable to DOS attack
type: security
versions: Python 3.10
Added file: https://bugs.python.org/file50436/server.py
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue45795>
_______________________________________
More information about the New-bugs-announce
mailing list