CVE-2005-0089

N/A Unknown

Published: May 02, 2005 Modified: April 16, 2026

Description

The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote attackers to read or modify globals of the associated module, and possibly execute arbitrary code, via dotted attributes.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://marc.info/?l=bugtraq&m=110746469728728&w=2

Source: cve@mitre.org

Mailing List Third Party Advisory

http://python.org/security/PSF-2005-001/patch-2.2.txt

Source: cve@mitre.org

Broken Link Patch

http://secunia.com/advisories/14128

Source: cve@mitre.org

Broken Link

http://securitytracker.com/id?1013083

Source: cve@mitre.org

Broken Link Third Party Advisory VDB Entry

http://www.debian.org/security/2005/dsa-666

Source: cve@mitre.org

Patch Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2005:035

Source: cve@mitre.org

Broken Link Third Party Advisory

http://www.python.org/security/PSF-2005-001/

Source: cve@mitre.org

Broken Link Patch Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-108.html

Source: cve@mitre.org

Third Party Advisory

http://www.securityfocus.com/bid/12437

Source: cve@mitre.org

Third Party Advisory VDB Entry

http://www.trustix.org/errata/2005/0003/

Source: cve@mitre.org

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/19217

Source: cve@mitre.org

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9811

Source: cve@mitre.org

Broken Link

http://marc.info/?l=bugtraq&m=110746469728728&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List Third Party Advisory

http://python.org/security/PSF-2005-001/patch-2.2.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link Patch

http://secunia.com/advisories/14128

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://securitytracker.com/id?1013083

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link Third Party Advisory VDB Entry

http://www.debian.org/security/2005/dsa-666

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2005:035

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link Third Party Advisory

http://www.python.org/security/PSF-2005-001/

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link Patch Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-108.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.securityfocus.com/bid/12437

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory VDB Entry

http://www.trustix.org/errata/2005/0003/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/19217

Source: af854a3a-2127-422b-91ae-364da2661108

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9811

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

24 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

9.1%

93th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

python