
Friday, November 3, 2017

[FD] [RT-SA-2016-008] XML External Entity Expansion in Ladon Webservice

Advisory: XML External Entity Expansion in Ladon Webservice

Attackers who can send SOAP messages to a Ladon webservice via the HTTP
interface of the Ladon webservice can exploit an XML external entity
expansion vulnerability and read local files, forge server side requests
or overload the service with exponentially growing memory payloads.

Details
=======

Product: Ladon Framework for Python
Affected Versions: 0.9.40 and previous
Fixed Versions: none
Vulnerability Type: XML External Entity Expansion
Security Risk: high
Vendor URL: http://ladonize.org
Vendor Status: notified
Advisory URL: http://ift.tt/2iXjyZ1
Advisory Status: published
CVE: GENERIC-MAP-NOMATCH
CVE URL: http://ift.tt/1jQGmEN

Introduction
============

"Ladon is a framework for exposing methods to several Internet service
protocols. Once a method is ladonized it is automatically served through
all the interfaces that your ladon installation contains. Ladon's
interface implemetations are added in a modular fashion making it very
easy [sic] extend Ladon's protocol support. Ladon runs on all Major
OS's[sic] (Windows, Mac and Linux) and supports both Python 2 and 3."

From the vendor's website[1]

More Details
============

Ladon allows developers to expose functions of a class via different
webservice protocols by using the @ladonize decorator in Python. By
using the WSGI interface of a webserver or by running the Ladon command
line tool "ladon-2.7-ctl" with the command "testserve" and the name of
the Python file, the webservices can be accessed via HTTP.

As a simple example, the following Python file "helloservice.py" was
implemented:

Source: Gmail -> IFTTT-> Blogger
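
Since the advisory lists no fixed version, one mitigation for a service exposed through WSGI is a filter in front of the application that refuses any request body carrying a DTD. The following is an added example, not part of the advisory and not Ladon code; the names `RejectDTD`, `rejection_reason` and `MAX_BODY` are hypothetical, and it assumes legitimate clients send UTF-8 SOAP without a DOCTYPE.

```python
import io
import re

MAX_BODY = 1 << 20  # assumed cap on request size (1 MiB)
UTF8_BOM = b"\xef\xbb\xbf"
ENC_DECL = re.compile(rb'^<\?xml[^>]*?encoding\s*=\s*["\']([A-Za-z0-9._-]+)["\']')


def rejection_reason(body):
    """Return why an XML request body is refused, or None to let it through."""
    # NUL bytes indicate UTF-16/UTF-32, which would hide markup from a byte scan.
    if b"\x00" in body:
        return "non-UTF-8 encoding"
    body = (body[3:] if body.startswith(UTF8_BOM) else body).lstrip()
    # Rejects EBCDIC and other encodings whose "<" is not byte 0x3C.
    if not body.startswith(b"<"):
        return "not ASCII-compatible XML"
    declared = ENC_DECL.match(body)
    if declared and declared.group(1).lower() not in (b"utf-8", b"us-ascii"):
        return "non-UTF-8 encoding"
    # Entities can only be declared inside a DTD, so refusing DTDs covers them all.
    if b"<!DOCTYPE" in body or b"<!ENTITY" in body:
        return "DTD or entity declaration"
    return None


class RejectDTD:
    """WSGI middleware (hypothetical name) placed in front of the service."""

    def __init__(self, app):
        self.app = app

    def __call__(self, environ, start_response):
        try:
            length = int(environ.get("CONTENT_LENGTH") or 0)
        except ValueError:
            length = -1
        reason, body = None, b""
        if length < 0 or length > MAX_BODY:
            reason = "bad or oversized Content-Length"
        elif length:
            body = environ["wsgi.input"].read(length)
            reason = rejection_reason(body)
        if reason:
            start_response("400 Bad Request", [("Content-Type", "text/plain")])
            return [reason.encode()]
        # Hand the app only the bytes that were inspected (empty if no length).
        environ["wsgi.input"] = io.BytesIO(body)
        return self.app(environ, start_response)
```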
