ID CVE-2008-3142
Summary Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro.
References
Vulnerable Configurations
  • cpe:2.3:a:python_software_foundation:python:1.5.2
    cpe:2.3:a:python_software_foundation:python:1.5.2
  • cpe:2.3:a:python_software_foundation:python:1.6
    cpe:2.3:a:python_software_foundation:python:1.6
  • cpe:2.3:a:python_software_foundation:python:1.6.1
    cpe:2.3:a:python_software_foundation:python:1.6.1
  • cpe:2.3:a:python_software_foundation:python:2.0
    cpe:2.3:a:python_software_foundation:python:2.0
  • cpe:2.3:a:python_software_foundation:python:2.0.1
    cpe:2.3:a:python_software_foundation:python:2.0.1
  • cpe:2.3:a:python_software_foundation:python:2.1
    cpe:2.3:a:python_software_foundation:python:2.1
  • cpe:2.3:a:python_software_foundation:python:2.1.1
    cpe:2.3:a:python_software_foundation:python:2.1.1
  • cpe:2.3:a:python_software_foundation:python:2.1.2
    cpe:2.3:a:python_software_foundation:python:2.1.2
  • cpe:2.3:a:python_software_foundation:python:2.1.3
    cpe:2.3:a:python_software_foundation:python:2.1.3
  • cpe:2.3:a:python_software_foundation:python:2.2
    cpe:2.3:a:python_software_foundation:python:2.2
  • cpe:2.3:a:python_software_foundation:python:2.2.1
    cpe:2.3:a:python_software_foundation:python:2.2.1
  • cpe:2.3:a:python_software_foundation:python:2.2.2
    cpe:2.3:a:python_software_foundation:python:2.2.2
  • cpe:2.3:a:python_software_foundation:python:2.2.3
    cpe:2.3:a:python_software_foundation:python:2.2.3
  • cpe:2.3:a:python_software_foundation:python:2.3
    cpe:2.3:a:python_software_foundation:python:2.3
  • cpe:2.3:a:python_software_foundation:python:2.3.1
    cpe:2.3:a:python_software_foundation:python:2.3.1
  • cpe:2.3:a:python_software_foundation:python:2.3.2
    cpe:2.3:a:python_software_foundation:python:2.3.2
  • cpe:2.3:a:python_software_foundation:python:2.3.3
    cpe:2.3:a:python_software_foundation:python:2.3.3
  • cpe:2.3:a:python_software_foundation:python:2.3.4
    cpe:2.3:a:python_software_foundation:python:2.3.4
  • cpe:2.3:a:python_software_foundation:python:2.3.5
    cpe:2.3:a:python_software_foundation:python:2.3.5
  • cpe:2.3:a:python_software_foundation:python:2.3.6
    cpe:2.3:a:python_software_foundation:python:2.3.6
  • cpe:2.3:a:python_software_foundation:python:2.3.7
    cpe:2.3:a:python_software_foundation:python:2.3.7
  • cpe:2.3:a:python_software_foundation:python:2.4
    cpe:2.3:a:python_software_foundation:python:2.4
  • cpe:2.3:a:python_software_foundation:python:2.4.1
    cpe:2.3:a:python_software_foundation:python:2.4.1
  • cpe:2.3:a:python_software_foundation:python:2.4.2
    cpe:2.3:a:python_software_foundation:python:2.4.2
  • cpe:2.3:a:python_software_foundation:python:2.4.3
    cpe:2.3:a:python_software_foundation:python:2.4.3
  • cpe:2.3:a:python_software_foundation:python:2.4.4
    cpe:2.3:a:python_software_foundation:python:2.4.4
  • cpe:2.3:a:python_software_foundation:python:2.4.5
    cpe:2.3:a:python_software_foundation:python:2.4.5
  • cpe:2.3:a:python_software_foundation:python:2.5
    cpe:2.3:a:python_software_foundation:python:2.5
  • cpe:2.3:a:python_software_foundation:python:2.5.1
    cpe:2.3:a:python_software_foundation:python:2.5.1
  • cpe:2.3:a:python_software_foundation:python:2.5.2
    cpe:2.3:a:python_software_foundation:python:2.5.2
CVSS
Base: 7.5 (as of 01-08-2008 - 15:34)
Impact:
Exploitability:
CWE CWE-119
CAPEC
  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
  • Overflow Binary Resource File
    An attack of this type exploits a buffer overflow vulnerability in the handling of binary resources. Binary resources may include music files like MP3, image files like JPEG files, and any other binary file. These attacks may pass unnoticed to the client machine through normal usage of files, such as a browser loading a seemingly innocent JPEG file. This can allow the attacker access to the execution stack and execute arbitrary code in the target process. This attack pattern is a variant of standard buffer overflow attacks using an unexpected vector (binary files) to wrap its attack and open up a new attack vector. The attacker is required to either directly serve the binary content to the victim, or place it in a locale like a MP3 sharing application, for the victim to download. The attacker then is notified upon the download or otherwise locates the vulnerability opened up by the buffer overflow.
  • Buffer Overflow via Symbolic Links
    This type of attack leverages the use of symbolic links to cause buffer overflows. An attacker can try to create or manipulate a symbolic link file such that its contents result in out of bounds data. When the target software processes the symbolic link file, it could potentially overflow internal buffers with insufficient bounds checking.
  • Overflow Variables and Tags
    This type of attack leverages the use of tags or variables from a formatted configuration data to cause buffer overflow. The attacker crafts a malicious HTML page or configuration file that includes oversized strings, thus causing an overflow.
  • Buffer Overflow via Parameter Expansion
    In this attack, the target software is given input that the attacker knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.
  • Buffer Overflow in an API Call
    This attack targets libraries or shared code modules which are vulnerable to buffer overflow attacks. An attacker who has access to an API may try to embed malicious code in the API function call and exploit a buffer overflow vulnerability in the function's implementation. All clients that make use of the code library thus become vulnerable by association. This has a very broad effect on security across a system, usually affecting more than one software process.
  • Buffer Overflow in Local Command-Line Utilities
    This attack targets command-line utilities available in a number of shells. An attacker can leverage a vulnerability found in a command-line utility to escalate privilege to root.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200807-16.NASL
    description The remote host is affected by the vulnerability described in GLSA-200807-16 (Python: Multiple vulnerabilities) Multiple vulnerabilities were discovered in Python: David Remahl of Apple Product Security reported several integer overflows in core modules such as stringobject, unicodeobject, bufferobject, longobject, tupleobject, stropmodule, gcmodule, mmapmodule (CVE-2008-2315). David Remahl of Apple Product Security also reported an integer overflow in the hashlib module, leading to unreliable cryptographic digest results (CVE-2008-2316). Justin Ferguson reported multiple buffer overflows in unicode string processing that only affect 32bit systems (CVE-2008-3142). The Google Security Team reported multiple integer overflows (CVE-2008-3143). Justin Ferguson reported multiple integer underflows and overflows in the PyOS_vsnprintf() function, and an off-by-one error when passing zero-length strings, leading to memory corruption (CVE-2008-3144). Impact : A remote attacker could exploit these vulnerabilities in Python applications or daemons that pass user-controlled input to vulnerable functions. Exploitation might lead to the execution of arbitrary code or a Denial of Service. Vulnerabilities within the hashlib might lead to weakened cryptographic protection of data integrity or authenticity. Workaround : There is no known workaround at this time.
    last seen 2019-01-16
    modified 2018-07-11
    plugin id 33782
    published 2008-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33782
    title GLSA-200807-16 : Python: Multiple vulnerabilities
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2009-001.NASL
    description The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have Security Update 2009-001 applied. This security update contains fixes for the following products : - AFP Server - Apple Pixlet Video - CarbonCore - CFNetwork - Certificate Assistant - ClamAV - CoreText - CUPS - DS Tools - fetchmail - Folder Manager - FSEvents - Network Time - perl - Printing - python - Remote Apple Events - Safari RSS - servermgrd - SMB - SquirrelMail - X11 - XTerm
    last seen 2019-01-16
    modified 2018-07-16
    plugin id 35684
    published 2009-02-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35684
    title Mac OS X Multiple Vulnerabilities (Security Update 2009-001)
  • NASL family Misc.
    NASL id VMWARE_VMSA-2009-0016_REMOTE.NASL
    description The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in the following components : - Apache Geronimo - Apache Tomcat - Apache Xerces2 - cURL/libcURL - ISC BIND - Libxml2 - Linux kernel - Linux kernel 64-bit - Linux kernel Common Internet File System - Linux kernel eCryptfs - NTP - Python - Java Runtime Environment (JRE) - Java SE Development Kit (JDK) - Java SE Abstract Window Toolkit (AWT) - Java SE Plugin - Java SE Provider - Java SE Swing - Java SE Web Start
    last seen 2019-01-16
    modified 2018-08-06
    plugin id 89117
    published 2016-03-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89117
    title VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0016) (remote check)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2009-0016.NASL
    description a. JRE Security Update JRE update to version 1.5.0_20, which addresses multiple security issues that existed in earlier releases of JRE. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.5.0_18: CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103, CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, and CVE-2009-1107. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in JRE 1.5.0_20: CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2675, CVE-2009-2676, CVE-2009-2716, CVE-2009-2718, CVE-2009-2719, CVE-2009-2720, CVE-2009-2721, CVE-2009-2722, CVE-2009-2723, CVE-2009-2724. b. Update Apache Tomcat version Update for VirtualCenter and ESX patch update the Tomcat package to version 6.0.20 (vSphere 4.0) or version 5.5.28 (VirtualCenter 2.5) which addresses multiple security issues that existed in the previous version of Apache Tomcat. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.20 and Tomcat 5.5.28: CVE-2008-5515, CVE-2009-0033, CVE-2009-0580, CVE-2009-0781, CVE-2009-0783. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.18: CVE-2008-1232, CVE-2008-1947, CVE-2008-2370. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names to the security issues fixed in Apache Tomcat 6.0.16: CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286, CVE-2008-0002. c. Third-party library update for ntp. The Network Time Protocol (NTP) is used to synchronize a computer's time with a referenced time source. ESXi 3.5 and ESXi 4.0 have a ntp client that is affected by the following security issue. Note that the same security issue is present in the ESX Service Console as described in section d. of this advisory. A buffer overflow flaw was discovered in the ntpd daemon's NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the 'ntp' user. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1252 to this issue. The NTP security issue identified by CVE-2009-0159 is not relevant for ESXi 3.5 and ESXi 4.0. d. Service Console update for ntp Service Console package ntp updated to version ntp-4.2.2pl-9el5_3.2 The Network Time Protocol (NTP) is used to synchronize a computer's time with a referenced time source. The Service Console present in ESX is affected by the following security issues. A buffer overflow flaw was discovered in the ntpd daemon's NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the 'ntp' user. NTP authentication is not enabled by default on the Service Console. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1252 to this issue. A buffer overflow flaw was found in the ntpq diagnostic command. A malicious, remote server could send a specially crafted reply to an ntpq request that could crash ntpq or, potentially, execute arbitrary code with the privileges of the user running the ntpq command. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-0159 to this issue. e. Updated Service Console package kernel Updated Service Console package kernel addresses the security issues listed below. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-3528, CVE-2008-5700, CVE-2009-0028, CVE-2009-0269, CVE-2009-0322, CVE-2009-0675, CVE-2009-0676, CVE-2009-0778 to the security issues fixed in kernel 2.6.18-128.1.6. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2008-4307, CVE-2009-0834, CVE-2009-1337, CVE-2009-0787, CVE-2009-1336 to the security issues fixed in kernel 2.6.18-128.1.10. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-1439, CVE-2009-1633, CVE-2009-1072, CVE-2009-1630, CVE-2009-1192 to the security issues fixed in kernel 2.6.18-128.1.14. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-5966, CVE-2009-1385, CVE-2009-1388, CVE-2009-1389, CVE-2009-1895, CVE-2009-2406, CVE-2009-2407 to the security issues fixed in kernel 2.6.18-128.4.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-2692, CVE-2009-2698 to the security issues fixed in kernel 2.6.18-128.7.1. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-0745, CVE-2009-0746, CVE-2009-0747, CVE-2009-0748, CVE-2009-2847, CVE-2009-2848 to the security issues fixed in kernel 2.6.18-164. f. Updated Service Console package python Service Console package Python update to version 2.4.3-24.el5. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter's privileges. Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service. Multiple integer overflow flaws were found in the Python imageop module. If a Python application used the imageop module to process untrusted images, it could cause the application to disclose sensitive information, crash or, potentially, execute arbitrary code with the Python interpreter's privileges. Multiple integer underflow and overflow flaws were found in the Python snprintf() wrapper implementation. An attacker could use these flaws to cause a denial of service (memory corruption). Multiple integer overflow flaws were found in various Python modules. An attacker could use these flaws to cause a denial of service. An integer signedness error, leading to a buffer overflow, was found in the Python zlib extension module. If a Python application requested the negative byte count be flushed for a decompression stream, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. A flaw was discovered in the strxfrm() function of the Python locale module. Strings generated by this function were not properly NULL-terminated, which could possibly cause disclosure of data stored in the memory of a Python application using this function. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-2052 CVE-2007-4965 CVE-2008-1721 CVE-2008-1887 CVE-2008-2315 CVE-2008-3142 CVE-2008-3143 CVE-2008-3144 CVE-2008-4864 CVE-2008-5031 to these issues. g. Updated Service Console package bind Service Console package bind updated to version 9.3.6-4.P1.el5 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handles dynamic update message packets containing the 'ANY' record type. A remote attacker could use this flaw to send a specially crafted dynamic update packet that could cause named to exit with an assertion failure. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-0696 to this issue. h. Updated Service Console package libxml2 Service Console package libxml2 updated to version 2.6.26-2.1.2.8. libxml is a library for parsing and manipulating XML files. A Document Type Definition (DTD) defines the legal syntax (and also which elements can be used) for certain types of files, such as XML files. A stack overflow flaw was found in the way libxml processes the root XML document element definition in a DTD. A remote attacker could provide a specially crafted XML file, which once opened by a local, unsuspecting user, would lead to denial of service. Multiple use-after-free flaws were found in the way libxml parses the Notation and Enumeration attribute types. A remote attacker could provide a specially crafted XML file, which once opened by a local, unsuspecting user, would lead to denial of service. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-2414 and CVE-2009-2416 to these issues. i. Updated Service Console package curl Service Console package curl updated to version 7.15.5-2.1.el5_3.5 A cURL is affected by the previously published 'null prefix attack', caused by incorrect handling of NULL characters in X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse cURL into accepting it by mistake. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-2417 to this issue j. Updated Service Console package gnutls Service Console package gnutil updated to version 1.4.1-3.el5_3.5 A flaw was discovered in the way GnuTLS handles NULL characters in certain fields of X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a Certificate Authority trusted by an application using GnuTLS, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse the application into accepting it by mistake. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-2730 to this issue
    last seen 2019-01-16
    modified 2018-08-06
    plugin id 42870
    published 2009-11-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42870
    title VMSA-2009-0016 : VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1667.NASL
    description Several vulnerabilities have been discovered in the interpreter for the Python language. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2315 David Remahl discovered several integer overflows in the stringobject, unicodeobject, bufferobject, longobject, tupleobject, stropmodule, gcmodule, and mmapmodule modules. - CVE-2008-3142 Justin Ferguson discovered that incorrect memory allocation in the unicode_resize() function can lead to buffer overflows. - CVE-2008-3143 Several integer overflows were discovered in various Python core modules. - CVE-2008-3144 Several integer overflows were discovered in the PyOS_vsnprintf() function.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 34823
    published 2008-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34823
    title Debian DSA-1667-1 : python2.4 - several vulnerabilities
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2008-217-01.NASL
    description New python packages are available for Slackware 10.1, 10.2, 11.0, 12.0, 12.1, and -current to fix security issues.
    last seen 2019-01-16
    modified 2018-06-27
    plugin id 33824
    published 2008-08-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33824
    title Slackware 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / current : python (SSA:2008-217-01)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2009-1176.NASL
    description From Red Hat Security Advisory 2009:1176 : Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter's privileges. (CVE-2008-1887) Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-3142, CVE-2008-5031) Multiple integer overflow flaws were found in the Python imageop module. If a Python application used the imageop module to process untrusted images, it could cause the application to disclose sensitive information, crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2007-4965, CVE-2008-4864) Multiple integer underflow and overflow flaws were found in the Python snprintf() wrapper implementation. An attacker could use these flaws to cause a denial of service (memory corruption). (CVE-2008-3144) Multiple integer overflow flaws were found in various Python modules. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-2315, CVE-2008-3143) An integer signedness error, leading to a buffer overflow, was found in the Python zlib extension module. If a Python application requested the negative byte count be flushed for a decompression stream, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2008-1721) A flaw was discovered in the strxfrm() function of the Python locale module. Strings generated by this function were not properly NULL-terminated, which could possibly cause disclosure of data stored in the memory of a Python application using this function. (CVE-2007-2052) Red Hat would like to thank David Remahl of the Apple Product Security team for responsibly reporting the CVE-2008-2315 issue. All Python users should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-01-16
    modified 2018-07-18
    plugin id 67896
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67896
    title Oracle Linux 5 : python (ELSA-2009-1176)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2009-1178.NASL
    description From Red Hat Security Advisory 2009:1178 : Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter's privileges. (CVE-2008-1887) Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-3142, CVE-2008-5031) Multiple integer overflow flaws were found in the Python imageop module. If a Python application used the imageop module to process untrusted images, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2008-1679, CVE-2008-4864) Multiple integer underflow and overflow flaws were found in the Python snprintf() wrapper implementation. An attacker could use these flaws to cause a denial of service (memory corruption). (CVE-2008-3144) Multiple integer overflow flaws were found in various Python modules. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-2315, CVE-2008-3143) Red Hat would like to thank David Remahl of the Apple Product Security team for responsibly reporting the CVE-2008-1679 and CVE-2008-2315 issues. All Python users should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-01-16
    modified 2018-07-18
    plugin id 67898
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67898
    title Oracle Linux 3 : python (ELSA-2009-1178)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_PYTHON-5491.NASL
    description This update of python fixes several security vulnerabilities. (CVE-2008-1679,CVE-2008-1887, CVE-2008-3143, CVE-2008-3142, CVE-2008-3144, CVE-2008-2315, CVE-2008-2316)
    last seen 2019-01-16
    modified 2016-12-22
    plugin id 33924
    published 2008-08-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33924
    title openSUSE 10 Security Update : python (python-5491)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20090728_PYTHON_FOR_SL_4_X.NASL
    description When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter's privileges. (CVE-2008-1887) Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-3142, CVE-2008-5031) Multiple integer overflow flaws were found in the Python imageop module. If a Python application used the imageop module to process untrusted images, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2008-1679, CVE-2008-4864) Multiple integer underflow and overflow flaws were found in the Python snprintf() wrapper implementation. An attacker could use these flaws to cause a denial of service (memory corruption). (CVE-2008-3144) Multiple integer overflow flaws were found in various Python modules. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-2315, CVE-2008-3143) An integer signedness error, leading to a buffer overflow, was found in the Python zlib extension module. If a Python application requested the negative byte count be flushed for a decompression stream, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2008-1721) Would like to thank David Remahl of the Apple Product Security team for responsibly reporting the CVE-2008-1679 and CVE-2008-2315 issues.
    last seen 2019-01-16
    modified 2019-01-02
    plugin id 60625
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60625
    title Scientific Linux Security Update : python for SL 4.x on i386/x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12215.NASL
    description This update of python fixes several security vulnerabilities. (CVE-2008-1679 / CVE-2008-1887, CVE-2008-3143, CVE-2008-3142, CVE-2008-3144, CVE-2008-2315, CVE-2008-2316) Note: for SLE10 a non-security bug in mmap was fixed too.
    last seen 2019-01-16
    modified 2016-12-21
    plugin id 41229
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41229
    title SuSE9 Security Update : Python (YOU Patch Number 12215)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-632-1.NASL
    description It was discovered that there were new integer overflows in the imageop module. If an attacker were able to trick a Python application into processing a specially crafted image, they could execute arbitrary code with user privileges. (CVE-2008-1679) Justin Ferguson discovered that the zlib module did not correctly handle certain archives. If an attacker were able to trick a Python application into processing a specially crafted archive file, they could execute arbitrary code with user privileges. (CVE-2008-1721) Justin Ferguson discovered that certain string manipulations in Python could be made to overflow. If an attacker were able to pass a specially crafted string through the PyString_FromStringAndSize function, they could execute arbitrary code with user privileges. (CVE-2008-1887) Multiple integer overflows were discovered in Python's core and modules including hashlib, binascii, pickle, md5, stringobject, unicodeobject, bufferobject, longobject, tupleobject, stropmodule, gcmodule, and mmapmodule. If an attacker were able to exploit these flaws they could execute arbitrary code with user privileges or cause Python applications to crash, leading to a denial of service. (CVE-2008-2315, CVE-2008-2316, CVE-2008-3142, CVE-2008-3143, CVE-2008-3144). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-11-28
    plugin id 33807
    published 2008-08-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33807
    title Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : python2.4, python2.5 vulnerabilities (USN-632-1)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20090727_PYTHON_FOR_SL5_X.NASL
    description When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter's privileges. (CVE-2008-1887) Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-3142, CVE-2008-5031) Multiple integer overflow flaws were found in the Python imageop module. If a Python application used the imageop module to process untrusted images, it could cause the application to disclose sensitive information, crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2007-4965, CVE-2008-4864) Multiple integer underflow and overflow flaws were found in the Python snprintf() wrapper implementation. An attacker could use these flaws to cause a denial of service (memory corruption). (CVE-2008-3144) Multiple integer overflow flaws were found in various Python modules. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-2315, CVE-2008-3143) An integer signedness error, leading to a buffer overflow, was found in the Python zlib extension module. If a Python application requested the negative byte count be flushed for a decompression stream, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2008-1721) A flaw was discovered in the strxfrm() function of the Python locale module. Strings generated by this function were not properly NULL-terminated, which could possibly cause disclosure of data stored in the memory of a Python application using this function. (CVE-2007-2052) Would like to thank David Remahl of the Apple Product Security team for responsibly reporting the CVE-2008-2315 issue.
    last seen 2019-01-16
    modified 2019-01-02
    plugin id 60622
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60622
    title Scientific Linux Security Update : python for SL5.x i386/x86_64
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-1177.NASL
    description Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter's privileges. (CVE-2008-1887) Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-3142, CVE-2008-5031) Multiple integer overflow flaws were found in the Python imageop module. If a Python application used the imageop module to process untrusted images, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2008-1679, CVE-2008-4864) Multiple integer underflow and overflow flaws were found in the Python snprintf() wrapper implementation. An attacker could use these flaws to cause a denial of service (memory corruption). (CVE-2008-3144) Multiple integer overflow flaws were found in various Python modules. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-2315, CVE-2008-3143) An integer signedness error, leading to a buffer overflow, was found in the Python zlib extension module. If a Python application requested the negative byte count be flushed for a decompression stream, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2008-1721) Red Hat would like to thank David Remahl of the Apple Product Security team for responsibly reporting the CVE-2008-1679 and CVE-2008-2315 issues. All Python users should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-01-16
    modified 2018-11-27
    plugin id 40401
    published 2009-07-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40401
    title RHEL 4 : python (RHSA-2009:1177)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-1176.NASL
    description Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter's privileges. (CVE-2008-1887) Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-3142, CVE-2008-5031) Multiple integer overflow flaws were found in the Python imageop module. If a Python application used the imageop module to process untrusted images, it could cause the application to disclose sensitive information, crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2007-4965, CVE-2008-4864) Multiple integer underflow and overflow flaws were found in the Python snprintf() wrapper implementation. An attacker could use these flaws to cause a denial of service (memory corruption). (CVE-2008-3144) Multiple integer overflow flaws were found in various Python modules. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-2315, CVE-2008-3143) An integer signedness error, leading to a buffer overflow, was found in the Python zlib extension module. If a Python application requested the negative byte count be flushed for a decompression stream, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2008-1721) A flaw was discovered in the strxfrm() function of the Python locale module. Strings generated by this function were not properly NULL-terminated, which could possibly cause disclosure of data stored in the memory of a Python application using this function. (CVE-2007-2052) Red Hat would like to thank David Remahl of the Apple Product Security team for responsibly reporting the CVE-2008-2315 issue. All Python users should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-01-16
    modified 2018-11-27
    plugin id 40400
    published 2009-07-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40400
    title RHEL 5 : python (RHSA-2009:1176)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_PYTHON-080801.NASL
    description This update of python fixes several security vulnerabilities. (CVE-2008-1679,CVE-2008-1887, CVE-2008-3143, CVE-2008-3142, CVE-2008-3144, CVE-2008-2315, CVE-2008-2316)
    last seen 2019-01-16
    modified 2016-12-21
    plugin id 40115
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40115
    title openSUSE Security Update : python (python-128)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_0DCCAA287F3C11DD8DE50030843D3802.NASL
    description Secunia reports : Some vulnerabilities have been reported in Python, where some have unknown impact and others can potentially be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. Various integer overflow errors exist in core modules e.g. stringobject, unicodeobject, bufferobject, longobject, tupleobject, stropmodule, gcmodule, mmapmodule. An integer overflow in the hashlib module can lead to an unreliable cryptographic digest results. Integer overflow errors in the processing of unicode strings can be exploited to cause buffer overflows on 32-bit systems. An integer overflow exists in the PyOS_vsnprintf() function on architectures that do not have a 'vsnprintf()' function. An integer underflow error in the PyOS_vsnprintf() function when passing zero-length strings can lead to memory corruption.
    last seen 2019-01-16
    modified 2018-11-21
    plugin id 34164
    published 2008-09-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34164
    title FreeBSD : python -- multiple vulnerabilities (0dccaa28-7f3c-11dd-8de5-0030843d3802)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-1178.NASL
    description Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter's privileges. (CVE-2008-1887) Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-3142, CVE-2008-5031) Multiple integer overflow flaws were found in the Python imageop module. If a Python application used the imageop module to process untrusted images, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2008-1679, CVE-2008-4864) Multiple integer underflow and overflow flaws were found in the Python snprintf() wrapper implementation. An attacker could use these flaws to cause a denial of service (memory corruption). (CVE-2008-3144) Multiple integer overflow flaws were found in various Python modules. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-2315, CVE-2008-3143) Red Hat would like to thank David Remahl of the Apple Product Security team for responsibly reporting the CVE-2008-1679 and CVE-2008-2315 issues. All Python users should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-01-16
    modified 2018-11-27
    plugin id 40402
    published 2009-07-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40402
    title RHEL 3 : python (RHSA-2009:1178)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20090728_PYTHON_FOR_SL_3_0_X.NASL
    description When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter's privileges. (CVE-2008-1887) Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-3142, CVE-2008-5031) Multiple integer overflow flaws were found in the Python imageop module. If a Python application used the imageop module to process untrusted images, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2008-1679, CVE-2008-4864) Multiple integer underflow and overflow flaws were found in the Python snprintf() wrapper implementation. An attacker could use these flaws to cause a denial of service (memory corruption). (CVE-2008-3144) Multiple integer overflow flaws were found in various Python modules. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-2315, CVE-2008-3143) Would like to thank David Remahl of the Apple Product Security team for responsibly reporting the CVE-2008-1679 and CVE-2008-2315 issues.
    last seen 2019-01-16
    modified 2019-01-02
    plugin id 60624
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60624
    title Scientific Linux Security Update : python for SL 3.0.x on i386/x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2009-1178.NASL
    description Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter's privileges. (CVE-2008-1887) Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-3142, CVE-2008-5031) Multiple integer overflow flaws were found in the Python imageop module. If a Python application used the imageop module to process untrusted images, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2008-1679, CVE-2008-4864) Multiple integer underflow and overflow flaws were found in the Python snprintf() wrapper implementation. An attacker could use these flaws to cause a denial of service (memory corruption). (CVE-2008-3144) Multiple integer overflow flaws were found in various Python modules. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-2315, CVE-2008-3143) Red Hat would like to thank David Remahl of the Apple Product Security team for responsibly reporting the CVE-2008-1679 and CVE-2008-2315 issues. All Python users should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 40394
    published 2009-07-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40394
    title CentOS 3 : python (CESA-2009:1178)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2008-163.NASL
    description Multiple integer overflows in the imageop module in Python prior to 2.5.3 allowed context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows (CVE-2008-1679). This was due to an incomplete fix for CVE-2007-4965. David Remahl of Apple Product Security reported several integer overflows in a number of core modules (CVE-2008-2315). He also reported an integer overflow in the hashlib module on Python 2.5 that lead to unreliable cryptographic digest results (CVE-2008-2316). Justin Ferguson reported multiple buffer overflows in unicode string processing that affected 32bit systems (CVE-2008-3142). Multiple integer overflows were reported by the Google Security Team that had been fixed in Python 2.5.2 (CVE-2008-3143). Justin Ferguson reported a number of integer overflows and underflows in the PyOS_vsnprintf() function, as well as an off-by-one error when passing zero-length strings, that led to memory corruption (CVE-2008-3144). The updated packages have been patched to correct these issues. As well, Python packages on Mandriva Linux 2007.1 and 2008.0 have been updated to version 2.5.2. Due to slight packaging changes on Mandriva Linux 2007.1, a new package is available (tkinter-apps) that contains binary files (such as /usr/bin/idle) that were previously in the tkinter package.
    last seen 2019-01-16
    modified 2018-07-19
    plugin id 37212
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37212
    title Mandriva Linux Security Advisory : python (MDVSA-2008:163)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_PYTHON-5490.NASL
    description This update of python fixes several security vulnerabilities. (CVE-2008-1679 / CVE-2008-1887 / CVE-2008-3143 / CVE-2008-3142 / CVE-2008-3144 / CVE-2008-2315 / CVE-2008-2316) Note: for SLE10 a non-security bug in mmap was fixed too.
    last seen 2019-01-16
    modified 2016-12-22
    plugin id 33923
    published 2008-08-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33923
    title SuSE 10 Security Update : Python (ZYPP Patch Number 5490)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2009-1176.NASL
    description Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter's privileges. (CVE-2008-1887) Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-3142, CVE-2008-5031) Multiple integer overflow flaws were found in the Python imageop module. If a Python application used the imageop module to process untrusted images, it could cause the application to disclose sensitive information, crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2007-4965, CVE-2008-4864) Multiple integer underflow and overflow flaws were found in the Python snprintf() wrapper implementation. An attacker could use these flaws to cause a denial of service (memory corruption). (CVE-2008-3144) Multiple integer overflow flaws were found in various Python modules. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-2315, CVE-2008-3143) An integer signedness error, leading to a buffer overflow, was found in the Python zlib extension module. If a Python application requested the negative byte count be flushed for a decompression stream, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2008-1721) A flaw was discovered in the strxfrm() function of the Python locale module. Strings generated by this function were not properly NULL-terminated, which could possibly cause disclosure of data stored in the memory of a Python application using this function. (CVE-2007-2052) Red Hat would like to thank David Remahl of the Apple Product Security team for responsibly reporting the CVE-2008-2315 issue. All Python users should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 43771
    published 2010-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43771
    title CentOS 5 : python (CESA-2009:1176)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2009-1177.NASL
    description From Red Hat Security Advisory 2009:1177 : Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Python is an interpreted, interactive, object-oriented programming language. When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter's privileges. (CVE-2008-1887) Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-3142, CVE-2008-5031) Multiple integer overflow flaws were found in the Python imageop module. If a Python application used the imageop module to process untrusted images, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2008-1679, CVE-2008-4864) Multiple integer underflow and overflow flaws were found in the Python snprintf() wrapper implementation. An attacker could use these flaws to cause a denial of service (memory corruption). (CVE-2008-3144) Multiple integer overflow flaws were found in various Python modules. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-2315, CVE-2008-3143) An integer signedness error, leading to a buffer overflow, was found in the Python zlib extension module. If a Python application requested the negative byte count be flushed for a decompression stream, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2008-1721) Red Hat would like to thank David Remahl of the Apple Product Security team for responsibly reporting the CVE-2008-1679 and CVE-2008-2315 issues. All Python users should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-01-16
    modified 2018-07-18
    plugin id 67897
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67897
    title Oracle Linux 4 : python (ELSA-2009-1177)
oval via4
  • accepted 2013-04-29T04:14:14.904-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro.
    family unix
    id oval:org.mitre.oval:def:11466
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro.
    version 24
  • accepted 2014-01-20T04:01:39.229-05:00
    class vulnerability
    contributors
    • name Pai Peng
      organization Hewlett-Packard
    • name Chris Coffin
      organization The MITRE Corporation
    definition_extensions
    • comment VMWare ESX Server 3.0.3 is installed
      oval oval:org.mitre.oval:def:6026
    • comment VMware ESX Server 3.5.0 is installed
      oval oval:org.mitre.oval:def:5887
    • comment VMware ESX Server 4.0 is installed
      oval oval:org.mitre.oval:def:6293
    description Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro.
    family unix
    id oval:org.mitre.oval:def:8422
    status accepted
    submitted 2010-03-19T16:57:59.000-04:00
    title VMware python multiple buffer overflows vulnerability
    version 7
redhat via4
rpms
  • python-0:2.4.3-24.el5_3.6
  • python-devel-0:2.4.3-24.el5_3.6
  • python-tools-0:2.4.3-24.el5_3.6
  • tkinter-0:2.4.3-24.el5_3.6
  • python-0:2.3.4-14.7.el4_8.2
  • python-devel-0:2.3.4-14.7.el4_8.2
  • python-docs-0:2.3.4-14.7.el4_8.2
  • python-tools-0:2.3.4-14.7.el4_8.2
  • tkinter-0:2.3.4-14.7.el4_8.2
  • python-0:2.2.3-6.11
  • python-devel-0:2.2.3-6.11
  • python-tools-0:2.2.3-6.11
  • tkinter-0:2.2.3-6.11
refmap via4
apple APPLE-SA-2009-02-12
bid 30491
bugtraq
  • 20080813 rPSA-2008-0243-1 idle python
  • 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components
confirm
debian DSA-1667
gentoo GLSA-200807-16
mandriva
  • MDVSA-2008:163
  • MDVSA-2008:164
secunia
  • 31305
  • 31332
  • 31358
  • 31365
  • 31473
  • 31518
  • 31687
  • 32793
  • 33937
  • 37471
slackware SSA:2008-217-01
suse SUSE-SR:2008:017
ubuntu USN-632-1
vupen
  • ADV-2008-2288
  • ADV-2009-3316
xf
  • python-multiple-bo(44173)
  • python-unicode-bo(44170)
Last major update 07-03-2011 - 22:10
Published 01-08-2008 - 10:41
Last modified 11-10-2018 - 16:47
Back to Top