ID CVE-2006-4980
Summary Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts.
References
Vulnerable Configurations
  • cpe:2.3:a:python_software_foundation:python:2.3
  • cpe:2.3:a:python_software_foundation:python:2.3.1
  • cpe:2.3:a:python_software_foundation:python:2.3.2
  • cpe:2.3:a:python_software_foundation:python:2.3.3
  • cpe:2.3:a:python_software_foundation:python:2.3.4
  • cpe:2.3:a:python_software_foundation:python:2.3.5
  • cpe:2.3:a:python_software_foundation:python:2.4
  • cpe:2.3:a:python_software_foundation:python:2.4.2
  • cpe:2.3:a:python_software_foundation:python:2.4.3
  • cpe:2.3:a:python_software_foundation:python:2.5_alpha_1
  • cpe:2.3:a:python_software_foundation:python:2.5_alpha_2
  • cpe:2.3:a:python_software_foundation:python:2.5_beta_1
  • cpe:2.3:a:python_software_foundation:python:2.5_beta_2
  • cpe:2.3:a:python_software_foundation:python:2.5_beta_3
  • cpe:2.3:a:python_software_foundation:python:2.5_final
  • cpe:2.3:a:python_software_foundation:python:2.5_release_candidate_1
  • cpe:2.3:a:python_software_foundation:python:2.5_release_candidate_2
CVSS
Base: 7.5 (as of 10-10-2006 - 11:01)
Impact:
Exploitability:
Access
  • Vector NETWORK
  • Complexity LOW
  • Authentication NONE
Impact
  • Confidentiality PARTIAL
  • Integrity PARTIAL
  • Availability PARTIAL
nessus via4
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2006-0713.NASL
    description Updated Python packages are now available to correct a security issue in Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. A flaw was discovered in the way that the Python repr() function handled UTF-32/UCS-4 strings. If an application written in Python used the repr() function on untrusted data, this could lead to a denial of service or possibly allow the execution of arbitrary code with the privileges of the Python application. (CVE-2006-4980) In addition, this errata fixes a regression in the SimpleXMLRPCServer backport for Red Hat Enterprise Linux 3 that was introduced with RHSA-2005:109. Users of Python should upgrade to these updated packages, which contain a backported patch to correct this issue.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 22525
    published 2006-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22525
    title RHEL 3 / 4 : python (RHSA-2006:0713)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1198.NASL
    description Benjamin C. Wiley Sittler discovered that the repr() of the Python interpreter allocates insufficient memory when parsing UCS-4 Unicode strings, which might lead to execution of arbitrary code through a buffer overflow.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 22907
    published 2006-10-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22907
    title Debian DSA-1198-1 : python2.3 - buffer overflow
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0525.NASL
    description Red Hat Network Satellite Server version 4.2.3 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This release corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications. Several flaws in Zlib were discovered. An attacker could create a carefully-crafted compressed stream that would cause an application to crash if the stream is opened by a user. (CVE-2005-2096). An attacker could create a carefully crafted compressed stream that would cause an application to crash if the stream is opened by a user. (CVE-2005-1849) A buffer overflow was discovered in the OpenSSL SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). A flaw in the SSLv2 client code was discovered. If a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343) An attack on OpenSSL PKCS #1 v1.5 signatures was discovered. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. This issue affected applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5. (CVE-2006-4339) OpenSSL contained a software work-around for a bug in SSL handling in Microsoft Internet Explorer version 3.0.2. It is enabled in most servers that use OpenSSL to provide support for SSL and TLS. This work-around could allow an attacker, acting as a 'man in the middle' to force an SSL connection to use SSL 2.0 rather than a stronger protocol, such as SSL 3.0 or TLS 1.0. (CVE-2005-2969) During OpenSSL parsing of certain invalid ASN.1 structures an error condition was mishandled. This can result in an infinite loop which consumed system memory (CVE-2006-2937). Certain public key types can take disproportionate amounts of time to process in OpenSSL, leading to a denial of service. (CVE-2006-2940) A flaw was discovered in the way that the Python repr() function handled UTF-32/UCS-4 strings. If an application written in Python used the repr() function on untrusted data, this could lead to a denial of service or possibly allow the execution of arbitrary code with the privileges of the Python application. (CVE-2006-4980) A flaw was discovered in the strxfrm() function of Python's locale module. Strings generated by this function were not properly NULL-terminated. This may possibly cause disclosure of data stored in the memory of a Python application using this function. (CVE-2007-2052) Multiple integer overflow flaws were discovered in Python's imageop module. If an application written in Python used the imageop module to process untrusted images, it could cause the application to crash, enter an infinite loop, or possibly execute arbitrary code with the privileges of the Python interpreter. (CVE-2007-4965) A stack-based buffer overflow was discovered in the Python interpreter, which could allow a local user to gain privileges by running a script with a long name from the current working directory. (CVE-2006-1542) Users of Red Hat Network Satellite Server should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 43838
    published 2010-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43838
    title RHEL 3 / 4 : Solaris client in Satellite Server (RHSA-2008:0525)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-181.NASL
    description A vulnerability in python's repr() function was discovered by Benjamin C. Wiley Sittler. It was found that the function did not properly handle UTF-32/UCS-4 strings, so an application that used repr() on certain untrusted data could possibly be exploited to execute arbitrary code with the privileges of the user running the python application. Updated packages have been patched to correct this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 24566
    published 2007-02-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24566
    title Mandrake Linux Security Advisory : python (MDKSA-2006:181)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_PYTHON-2167.NASL
    description A buffer overflow within python's repr() function has been fixed. The CAN number CVE-2006-4980 has been assigned to this issue.
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 29559
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29559
    title SuSE 10 Security Update : Python (ZYPP Patch Number 2167)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2006-0713.NASL
    description From Red Hat Security Advisory 2006:0713 : Updated Python packages are now available to correct a security issue in Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. A flaw was discovered in the way that the Python repr() function handled UTF-32/UCS-4 strings. If an application written in Python used the repr() function on untrusted data, this could lead to a denial of service or possibly allow the execution of arbitrary code with the privileges of the Python application. (CVE-2006-4980) In addition, this errata fixes a regression in the SimpleXMLRPCServer backport for Red Hat Enterprise Linux 3 that was introduced with RHSA-2005:109. Users of Python should upgrade to these updated packages, which contain a backported patch to correct this issue.
    last seen 2019-02-21
    modified 2018-08-13
    plugin id 67414
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67414
    title Oracle Linux 3 / 4 : python (ELSA-2006-0713)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_PYTHON-2168.NASL
    description A buffer overflow within python's repr() function has been fixed. The CAN number CVE-2006-4980 has been assigned to this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27406
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27406
    title openSUSE 10 Security Update : python (python-2168)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0264.NASL
    description Red Hat Network Satellite Server version 5.0.2 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This release corrects several security vulnerabilities in various components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications. Two denial-of-service flaws were fixed in ZLib. (CVE-2005-2096, CVE-2005-1849) Multiple flaws were fixed in OpenSSL. (CVE-2006-4343, CVE-2006-4339, CVE-2006-3738, CVE-2006-2940, CVE-2006-2937, CVE-2005-2969) Multiple flaws were fixed in Python. (CVE-2007-4965, CVE-2007-2052, CVE-2006-4980, CVE-2006-1542) Users of Red Hat Network Satellite Server 5.0.1 are advised to upgrade to 5.0.2, which resolves these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 43836
    published 2010-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43836
    title RHEL 4 : Solaris client in Satellite Server (RHSA-2008:0264)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-359-1.NASL
    description Benjamin C. Wiley Sittler discovered that Python's repr() function did not properly handle UTF-32/UCS-4 strings. If an application uses repr() on arbitrary untrusted data, this could be exploited to execute arbitrary code with the privileges of the python application. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 27939
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27939
    title Ubuntu 5.04 / 5.10 / 6.06 LTS : python2.3, python2.4 vulnerability (USN-359-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1197.NASL
    description Benjamin C. Wiley Sittler discovered that the repr() of the Python interpreter allocates insufficient memory when parsing UCS-4 Unicode strings, which might lead to execution of arbitrary code through a buffer overflow.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 22906
    published 2006-10-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22906
    title Debian DSA-1197-1 : python2.4 - buffer overflow
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0629.NASL
    description Red Hat Network Satellite Server version 5.1.1 is now available. This update includes fixes for a number of security issues in Red Hat Network Satellite Server Solaris client components. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This release corrects several security vulnerabilities in components shipped as part of the Red Hat Network Satellite Server Solaris client. In a typical operating environment, these components are not used by the Satellite Server in a vulnerable manner. These security updates will reduce risk should these components be used by other applications. Several flaws in Zlib were discovered. An attacker could create a carefully-crafted compressed stream that would cause an application to crash if the stream was opened by a user. (CVE-2005-2096, CVE-2005-1849) A buffer overflow was discovered in the OpenSSL SSL_get_shared_ciphers() utility function. An attacker could send a list of ciphers to an application that used this function and overrun a buffer (CVE-2006-3738). A flaw in the SSLv2 client code was discovered. If a client application used OpenSSL to create an SSLv2 connection to a malicious server, that server could cause the client to crash. (CVE-2006-4343) An attack on OpenSSL PKCS #1 v1.5 signatures was discovered. Where an RSA key with exponent 3 was used an attacker could, potentially, forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. This issue affected applications that use OpenSSL to verify X.509 certificates as well as other uses of PKCS #1 v1.5. (CVE-2006-4339) OpenSSL contained a software work-around for a bug in SSL handling in Microsoft Internet Explorer version 3.0.2. It is enabled in most servers that use OpenSSL to provide support for SSL and TLS. This work-around was vulnerable to a man-in-the-middle attack which allowed a remote user to force an SSL connection to use SSL 2.0, rather than a stronger protocol, such as SSL 3.0 or TLS 1.0. (CVE-2005-2969) During OpenSSL parsing of certain invalid ASN.1 structures, an error condition was mishandled. This could result in an infinite loop which consumed system memory (CVE-2006-2937). Certain public key types could take disproportionate amounts of time to process in OpenSSL, leading to a denial of service. (CVE-2006-2940) A flaw was discovered in the Python repr() function's handling of UTF-32/UCS-4 strings. If an application used the repr() function on untrusted data, this could lead to a denial of service or, possibly, allow the execution of arbitrary code with the privileges of the application using the flawed function. (CVE-2006-4980) A flaw was discovered in the strxfrm() function of Python's locale module. Strings generated by this function were not properly NULL-terminated. This could, potentially, cause disclosure of data stored in the memory of an application using this function. (CVE-2007-2052) Multiple integer overflow flaws were discovered in Python's imageop module. If an application used the imageop module to process untrusted images, it could cause the application to crash, enter an infinite loop, or, possibly, execute arbitrary code with the privileges of the Python interpreter. (CVE-2007-4965) A stack-based buffer overflow was discovered in the Python interpreter, which could allow a local user to gain privileges by running a script with a long name from the current working directory. (CVE-2006-1542) Users of Red Hat Network Satellite Server should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 43839
    published 2010-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43839
    title RHEL 4 : Solaris client in Satellite Server (RHSA-2008:0629)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL16398.NASL
    description Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts. (CVE-2006-4980) Impact An attacker may be able to cause a denial-of-service (DoS) to the system or execute malicious code through exploited scripts.
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 82673
    published 2015-04-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82673
    title F5 Networks BIG-IP : Python vulnerability (K16398)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_FE83EB5B55E111DBA5AE00508D6A62DF.NASL
    description Benjamin C. Wiley Sittler reports : I discovered a [buffer overrun in repr() for unicode strings]. This causes an unpatched non-debug wide (UTF-32/UCS-4) build of python to abort. Ubuntu security team reports : If an application uses repr() on arbitrary untrusted data, this [bug] could be exploited to execute arbitrary code with the privileges of the python application.
    last seen 2019-02-21
    modified 2018-12-19
    plugin id 22521
    published 2006-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22521
    title FreeBSD : python -- buffer overrun in repr() for unicode strings (fe83eb5b-55e1-11db-a5ae-00508d6a62df)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200610-07.NASL
    description The remote host is affected by the vulnerability described in GLSA-200610-07 (Python: Buffer Overflow) Benjamin C. Wiley Sittler discovered a buffer overflow in Python's 'repr()' function when handling UTF-32/UCS-4 encoded strings. Impact : If a Python application processes attacker-supplied data with the 'repr()' function, this could potentially lead to the execution of arbitrary code with the privileges of the affected application or a Denial of Service. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 22893
    published 2006-10-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22893
    title GLSA-200610-07 : Python: Buffer Overflow
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2006-0713.NASL
    description Updated Python packages are now available to correct a security issue in Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. A flaw was discovered in the way that the Python repr() function handled UTF-32/UCS-4 strings. If an application written in Python used the repr() function on untrusted data, this could lead to a denial of service or possibly allow the execution of arbitrary code with the privileges of the Python application. (CVE-2006-4980) In addition, this errata fixes a regression in the SimpleXMLRPCServer backport for Red Hat Enterprise Linux 3 that was introduced with RHSA-2005:109. Users of Python should upgrade to these updated packages, which contain a backported patch to correct this issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 22514
    published 2006-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22514
    title CentOS 3 / 4 : python (CESA-2006:0713)
oval via4
accepted 2013-04-29T04:08:47.803-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts.
family unix
id oval:org.mitre.oval:def:10789
status accepted
submitted 2010-07-09T03:56:16-04:00
title Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts.
version 23
redhat via4
advisories
  • bugzilla
    id 208162
    title CVE-2006-4980 repr unicode buffer overflow
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 3 is installed
        oval oval:com.redhat.rhsa:tst:20060015001
      • OR
        • AND
          • comment python is earlier than 0:2.2.3-6.5
            oval oval:com.redhat.rhsa:tst:20060713002
          • comment python is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060713003
        • AND
          • comment python-devel is earlier than 0:2.2.3-6.5
            oval oval:com.redhat.rhsa:tst:20060713008
          • comment python-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060713009
        • AND
          • comment python-tools is earlier than 0:2.2.3-6.5
            oval oval:com.redhat.rhsa:tst:20060713006
          • comment python-tools is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060713007
        • AND
          • comment tkinter is earlier than 0:2.2.3-6.5
            oval oval:com.redhat.rhsa:tst:20060713004
          • comment tkinter is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060713005
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhsa:tst:20060016001
      • OR
        • AND
          • comment python is earlier than 0:2.3.4-14.3
            oval oval:com.redhat.rhsa:tst:20060713011
          • comment python is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060713003
        • AND
          • comment python-devel is earlier than 0:2.3.4-14.3
            oval oval:com.redhat.rhsa:tst:20060713014
          • comment python-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060713009
        • AND
          • comment python-docs is earlier than 0:2.3.4-14.3
            oval oval:com.redhat.rhsa:tst:20060713012
          • comment python-docs is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060713013
        • AND
          • comment python-tools is earlier than 0:2.3.4-14.3
            oval oval:com.redhat.rhsa:tst:20060713015
          • comment python-tools is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060713007
        • AND
          • comment tkinter is earlier than 0:2.3.4-14.3
            oval oval:com.redhat.rhsa:tst:20060713016
          • comment tkinter is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060713005
    rhsa
    id RHSA-2006:0713
    released 2006-10-09
    severity Important
    title RHSA-2006:0713: python security update (Important)
  • rhsa
    id RHSA-2008:0629
rpms
  • python-0:2.2.3-6.5
  • python-devel-0:2.2.3-6.5
  • python-tools-0:2.2.3-6.5
  • tkinter-0:2.2.3-6.5
  • python-0:2.3.4-14.3
  • python-devel-0:2.3.4-14.3
  • python-docs-0:2.3.4-14.3
  • python-tools-0:2.3.4-14.3
  • tkinter-0:2.3.4-14.3
refmap via4
bid 20376
bugtraq
  • 20061011 rPSA-2006-0187-1 idle python
  • 20070110 VMware ESX server security updates
confirm
debian
  • DSA-1197
  • DSA-1198
gentoo GLSA-200610-07
mandriva MDKSA-2006:181
sectrack 1017019
secunia
  • 22276
  • 22297
  • 22303
  • 22357
  • 22358
  • 22379
  • 22448
  • 22487
  • 22512
  • 22531
  • 22639
  • 23680
  • 31492
sgi 20061001-01-P
suse SUSE-SR:2006:025
ubuntu USN-359-1
vupen
  • ADV-2006-3940
  • ADV-2006-5131
xf python-repr-bo(29408)
statements via4
contributor Mark J Cox
lastmodified 2007-03-14
organization Red Hat
statement Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Last major update 07-03-2011 - 21:42
Published 10-10-2006 - 00:06
Last modified 17-10-2018 - 17:40