Vulnerability Information
Vulnerability Title
Waitress has a denial of service leading to high CPU usage/resource exhaustion
Vulnerability Description
Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername(), waitress won't correctly clean up the connection. The main thread then attempts to write to a socket that no longer exists but does not remove it from the list of sockets to process, which leads to a busy-loop calling the write function. A remote attacker could run waitress out of available sockets with very few resources required. Waitress 3.0.1 contains fixes that remove the race condition.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
Missing Release of Resource after Effective Lifetime
Vulnerability Title
Waitress security vulnerability
Vulnerability Description
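Waitress is a production-quality, pure-Python WSGI server from the Pylons project. Versions of Waitress before 3.0.1 contain a security vulnerability: if a remote client closes the connection before waitress calls getpeername(), waitress fails to clean up the connection correctly, so the main thread attempts to write to a socket that no longer exists but does not remove it from the list of sockets to process. This results in a busy loop calling the write function. A remote attacker can exhaust waitress's available sockets with very few resources.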
CVSS Information
N/A
Vulnerability Type
N/A