Re: Buffer overflow in pycrypto

[<cve-assign () mitre org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> "AES.new with invalid parameter crashes python"
> https://github.com/dlitz/pycrypto/issues/176

> AES.new(b'\000' * 16, AES.MODE_ECB, b'\000' * 540)

> Apparently this issue is fixed on pycrypto's development branch with
> commit 8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4, but this change can't
> be applied directly to the latest pycrypto release tarball; too much has
> changed.
>
> https://github.com/dlitz/pycrypto/commit/8dbe0dc3eea5c689d4f76b37b93fe216cf1f00d4

> > Throw exception when IV is used with ECB or CTR

> src/block_templace.c
> ALGnew

> someone has used the bug to get a remote shell

> there is a heap buffer overflow on IV

> The website allows us to encrypt and decrypt messages using AES. The
> encryption is performed by cryptmsg.py, using the python library
> pycrypto.

> cgi-bin/cryptmsg.py?%s

Use CVE-2013-7459.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYYqjUAAoJEHb/MwWLVhi2eZkQAI2VvbdXX96+KZkwOyfZ1hRi
Q8EgoeDQ7H1C0DQu/JXIk8WbSos+skE33JtKnuCIlh/rJumKSqydAbv6PJYFsME1
ENAvGxqMUMRKgsX2PywJ4NaI8JlfwE4ICMbjPV2DW9nma/4nlqEegq4vVqm+D5Nu
MeVKNcaNDiIgS0BVnWPsYO+dwGaBbvnlY+v/X+yY8GeRvm2iDJMwCp8N+YVN1mBk
+AS6LMdv6szelN2tTaUdjX8VvYe+GtRm7YNtob4DXT0F+MeH54s3wAahoaMIJ1e6
N9GtoETdiL5BVRmxBf1+XD/js2h/21TpMYL0sCXPutJnvbqgeVm3SjLqZ8hSeKUC
UwmhoO1iduP1y9ws+6HMi1cmzvfAfwxiMvoqms/MYzSx3hpjNkUVYMyfDwTzoJyn
7NhuLA5ktdBZQr3gClr1g1xjQcqXRDwblBCIVfi/vM16DH4YuPWfiOTJOzYUFo2c
svqYeKbDFPqqMsqvfZhqmOKDg9WEyzJn3tYUbOI1AEPL21GnaND599vtMKudgB26
FJlPy7UnZ9aVr41w7YyqPeoROqH11mP9nPuSvn7jWol6jLkEJ75SMKlm8a+GWTyV
tikobUOX6U6A8aVgIm+4rIxgs9vPC51FyYVAGbSxn/PrOWmF9TE3AyCbmQMRwiA5
Fxirt0rchsO0HqXZOmFA
=8hmu
-----END PGP SIGNATURE-----