Executive Summary
Summary | |
---|---|
Title | Python vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-632-1 | First vendor Publication | 2008-08-01 |
Vendor | Ubuntu | Last vendor Modification | 2008-08-01 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: Ubuntu 7.04: Ubuntu 7.10: Ubuntu 8.04 LTS: After a standard system upgrade you need to reboot your computer to effect the necessary changes. Details follow: It was discovered that there were new integer overflows in the imageop module. If an attacker were able to trick a Python application into processing a specially crafted image, they could execute arbitrary code with user privileges. (CVE-2008-1679) Justin Ferguson discovered that the zlib module did not correctly handle certain archives. If an attacker were able to trick a Python application into processing a specially crafted archive file, they could execute arbitrary code with user privileges. (CVE-2008-1721) Justin Ferguson discovered that certain string manipulations in Python could be made to overflow. If an attacker were able to pass a specially crafted string through the PyString_FromStringAndSize function, they could execute arbitrary code with user privileges. (CVE-2008-1887) Multiple integer overflows were discovered in Python's core and modules including hashlib, binascii, pickle, md5, stringobject, unicodeobject, bufferobject, longobject, tupleobject, stropmodule, gcmodule, and mmapmodule. If an attacker were able to exploit these flaws they could execute arbitrary code with user privileges or cause Python applications to crash, leading to a denial of service. (CVE-2008-2315, CVE-2008-2316, CVE-2008-3142, CVE-2008-3143, CVE-2008-3144). |
Original Source
Url : http://www.ubuntu.com/usn/USN-632-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
25 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
12 % | CWE-681 | Incorrect Conversion between Numeric Types |
12 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10170 | |||
Oval ID: | oval:org.mitre.oval:def:10170 | ||
Title: | Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of certain integer values is also affected by related integer underflows and an off-by-one error. | ||
Description: | Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of certain integer values is also affected by related integer underflows and an off-by-one error. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3144 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10407 | |||
Oval ID: | oval:org.mitre.oval:def:10407 | ||
Title: | Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow. | ||
Description: | Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1887 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10583 | |||
Oval ID: | oval:org.mitre.oval:def:10583 | ||
Title: | Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965. | ||
Description: | Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1679 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11466 | |||
Oval ID: | oval:org.mitre.oval:def:11466 | ||
Title: | Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro. | ||
Description: | Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3142 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17381 | |||
Oval ID: | oval:org.mitre.oval:def:17381 | ||
Title: | USN-632-1 -- python2.4, python2.5 vulnerabilities | ||
Description: | It was discovered that there were new integer overflows in the imageop module. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-632-1 CVE-2008-1679 CVE-2008-1721 CVE-2008-1887 CVE-2008-2315 CVE-2008-2316 CVE-2008-3142 CVE-2008-3143 CVE-2008-3144 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | python2.4 python2.5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18481 | |||
Oval ID: | oval:org.mitre.oval:def:18481 | ||
Title: | DSA-1551-1 python2.4 - several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the interpreter for the Python language. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1551-1 CVE-2007-2052 CVE-2007-4965 CVE-2008-1679 CVE-2008-1721 CVE-2008-1887 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | python2.4 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:19316 | |||
Oval ID: | oval:org.mitre.oval:def:19316 | ||
Title: | DSA-1667-1 python2.4 - several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the interpreter for the Python language. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1667-1 CVE-2008-2315 CVE-2008-3142 CVE-2008-3143 CVE-2008-3144 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | python2.4 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20188 | |||
Oval ID: | oval:org.mitre.oval:def:20188 | ||
Title: | DSA-1620-1 python2.5 - several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the interpreter for the Python language. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1620-1 CVE-2007-2052 CVE-2007-4965 CVE-2008-1679 CVE-2008-1721 CVE-2008-1887 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | python2.5 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7720 | |||
Oval ID: | oval:org.mitre.oval:def:7720 | ||
Title: | VMware python multiple integer overflows vulnerability | ||
Description: | Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9) cjkcodecs/multibytecodec.c, (10) datetimemodule.c, (11) md5.c, (12) rgbimgmodule.c, and (13) stropmodule.c in Modules/; (14) bufferobject.c, (15) listobject.c, and (16) obmalloc.c in Objects/; (17) Parser/node.c; and (18) asdl.c, (19) ast.c, (20) bltinmodule.c, and (21) compile.c in Python/, as addressed by "checks for integer overflows, contributed by Google." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3143 | Version: | 4 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7725 | |||
Oval ID: | oval:org.mitre.oval:def:7725 | ||
Title: | VMware python multiple integer overflows vulnerability in the PyOS_vsnprintf function | ||
Description: | Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of certain integer values is also affected by related integer underflows and an off-by-one error. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3144 | Version: | 4 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7800 | |||
Oval ID: | oval:org.mitre.oval:def:7800 | ||
Title: | Multiple Buffer and Integer Overflow Vulnerabilities in Python (python(1)) May Lead to a Denial of Service (DoS) or Allow Execution of Arbitrary Code | ||
Description: | Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1679 | Version: | 1 |
Platform(s): | Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7901 | |||
Oval ID: | oval:org.mitre.oval:def:7901 | ||
Title: | DSA-1667 python2.4 -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the interpreter for the Python language. The Common Vulnerabilities and Exposures project identifies the following problems: David Remahl discovered several integer overflows in the stringobject, unicodeobject, bufferobject, longobject, tupleobject, stropmodule, gcmodule, and mmapmodule modules. Justin Ferguson discovered that incorrect memory allocation in the unicode_resize() function can lead to buffer overflows. Several integer overflows were discovered in various Python core modules. Several integer overflows were discovered in the PyOS_vsnprintf() function. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1667 CVE-2008-2315 CVE-2008-3142 CVE-2008-3143 CVE-2008-3144 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | python2.4 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7981 | |||
Oval ID: | oval:org.mitre.oval:def:7981 | ||
Title: | DSA-1620 python2.5 -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the interpreter for the Python language. The Common Vulnerabilities and Exposures project identifies the following problems: Piotr Engelking discovered that the strxfrm() function of the locale module miscalculates the length of an internal buffer, which may result in a minor information disclosure. It was discovered that several integer overflows in the imageop module may lead to the execution of arbitrary code, if a user is tricked into processing malformed images. This issue is also tracked as CVE-2008-1679 due to an initially incomplete patch. Justin Ferguson discovered that a buffer overflow in the zlib module may lead to the execution of arbitrary code. Justin Ferguson discovered that insufficient input validation in PyString_FromStringAndSize() may lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1620 CVE-2007-2052 CVE-2007-4965 CVE-2008-1679 CVE-2008-1721 CVE-2008-1887 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | python2.5 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8152 | |||
Oval ID: | oval:org.mitre.oval:def:8152 | ||
Title: | DSA-1551 python2.4 -- several vulnerabilities | ||
Description: | Several vulnerabilities have been discovered in the interpreter for the Python language. The Common Vulnerabilities and Exposures project identifies the following problems: Piotr Engelking discovered that the strxfrm() function of the locale module miscalculates the length of an internal buffer, which may result in a minor information disclosure. It was discovered that several integer overflows in the imageop module may lead to the execution of arbitrary code, if a user is tricked into processing malformed images. This issue is also tracked as CVE-2008-1679 due to an initially incomplete patch. Justin Ferguson discovered that a buffer overflow in the zlib module may lead to the execution of arbitrary code. Justin Ferguson discovered that insufficient input validation in PyString_FromStringAndSize() may lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1551 CVE-2007-2052 CVE-2007-4965 CVE-2008-1679 CVE-2008-1721 CVE-2008-1887 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | python2.4 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8249 | |||
Oval ID: | oval:org.mitre.oval:def:8249 | ||
Title: | Multiple Buffer and Integer Overflow Vulnerabilities in Python (python(1)) May Lead to a Denial of Service (DoS) or Allow Execution of Arbitrary Code | ||
Description: | Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1721 | Version: | 1 |
Platform(s): | Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8422 | |||
Oval ID: | oval:org.mitre.oval:def:8422 | ||
Title: | VMware python multiple buffer overflows vulnerability | ||
Description: | Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3142 | Version: | 4 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8445 | |||
Oval ID: | oval:org.mitre.oval:def:8445 | ||
Title: | Multiple Buffer and Integer Overflow Vulnerabilities in Python (python(1)) May Lead to a Denial of Service (DoS) or Allow Execution of Arbitrary Code | ||
Description: | Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-2315 | Version: | 1 |
Platform(s): | Sun Solaris 10 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:8494 | |||
Oval ID: | oval:org.mitre.oval:def:8494 | ||
Title: | VMware python zlib extension module vulnerability | ||
Description: | Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1721 | Version: | 4 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8624 | |||
Oval ID: | oval:org.mitre.oval:def:8624 | ||
Title: | VMware python PyString_FromStringAndSize function vulnerability | ||
Description: | Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1887 | Version: | 4 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8683 | |||
Oval ID: | oval:org.mitre.oval:def:8683 | ||
Title: | VMware python multiple integer overflows vulnerability | ||
Description: | Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-2315 | Version: | 4 |
Platform(s): | VMWare ESX Server 3 VMWare ESX Server 3.5 VMWare ESX Server 4.0 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:8996 | |||
Oval ID: | oval:org.mitre.oval:def:8996 | ||
Title: | Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9) cjkcodecs/multibytecodec.c, (10) datetimemodule.c, (11) md5.c, (12) rgbimgmodule.c, and (13) stropmodule.c in Modules/; (14) bufferobject.c, (15) listobject.c, and (16) obmalloc.c in Objects/; (17) Parser/node.c; and (18) asdl.c, (19) ast.c, (20) bltinmodule.c, and (21) compile.c in Python/, as addressed by "checks for integer overflows, contributed by Google." | ||
Description: | Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9) cjkcodecs/multibytecodec.c, (10) datetimemodule.c, (11) md5.c, (12) rgbimgmodule.c, and (13) stropmodule.c in Modules/; (14) bufferobject.c, (15) listobject.c, and (16) obmalloc.c in Objects/; (17) Parser/node.c; and (18) asdl.c, (19) ast.c, (20) bltinmodule.c, and (21) compile.c in Python/, as addressed by "checks for integer overflows, contributed by Google." | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3143 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9407 | |||
Oval ID: | oval:org.mitre.oval:def:9407 | ||
Title: | Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow. | ||
Description: | Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1721 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9761 | |||
Oval ID: | oval:org.mitre.oval:def:9761 | ||
Title: | Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031. | ||
Description: | Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. NOTE: The expandtabs integer overflows in stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-2315 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for python CESA-2009:1178 centos3 i386 File : nvt/gb_CESA-2009_1178_python_centos3_i386.nasl |
2011-08-09 | Name : CentOS Update for python CESA-2009:1176 centos5 i386 File : nvt/gb_CESA-2009_1176_python_centos5_i386.nasl |
2010-11-16 | Name : Mandriva Update for python MDVSA-2010:215 (python) File : nvt/gb_mandriva_MDVSA_2010_215.nasl |
2010-07-16 | Name : Mandriva Update for python MDVSA-2010:132 (python) File : nvt/gb_mandriva_MDVSA_2010_132.nasl |
2010-05-12 | Name : Mac OS X Security Update 2009-001 File : nvt/macosx_secupd_2009-001.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-13 | Name : SLES10: Security update for Python File : nvt/sles10_python.nasl |
2009-10-10 | Name : SLES9: Security update for Python File : nvt/sles9p5032900.nasl |
2009-08-17 | Name : CentOS Security Advisory CESA-2009:1176 (python) File : nvt/ovcesa2009_1176.nasl |
2009-07-29 | Name : RedHat Security Advisory RHSA-2009:1176 File : nvt/RHSA_2009_1176.nasl |
2009-07-29 | Name : RedHat Security Advisory RHSA-2009:1177 File : nvt/RHSA_2009_1177.nasl |
2009-07-29 | Name : CentOS Security Advisory CESA-2009:1178 (python) File : nvt/ovcesa2009_1178.nasl |
2009-07-29 | Name : RedHat Security Advisory RHSA-2009:1178 File : nvt/RHSA_2009_1178.nasl |
2009-04-09 | Name : Mandriva Update for python MDVSA-2008:085 (python) File : nvt/gb_mandriva_MDVSA_2008_085.nasl |
2009-04-09 | Name : Mandriva Update for python MDVSA-2008:163 (python) File : nvt/gb_mandriva_MDVSA_2008_163.nasl |
2009-03-23 | Name : Ubuntu Update for python2.4, python2.5 vulnerabilities USN-632-1 File : nvt/gb_ubuntu_USN_632_1.nasl |
2009-02-13 | Name : Mandrake Security Advisory MDVSA-2009:036 (python) File : nvt/mdksa_2009_036.nasl |
2009-01-13 | Name : Mandrake Security Advisory MDVSA-2009:003 (python) File : nvt/mdksa_2009_003.nasl |
2008-11-24 | Name : Debian Security Advisory DSA 1667-1 (python2.4) File : nvt/deb_1667_1.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200807-01 (python) File : nvt/glsa_200807_01.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200807-16 (python) File : nvt/glsa_200807_16.nasl |
2008-09-17 | Name : FreeBSD Ports: python24 File : nvt/freebsd_python24.nasl |
2008-09-04 | Name : FreeBSD Ports: python23 File : nvt/freebsd_python23.nasl |
2008-08-22 | Name : Python Multiple Vulnerabilities (Linux) File : nvt/secpod_python_mult_vuln_lin_900106.nasl |
2008-08-22 | Name : Python Multiple Vulnerabilities (Win) File : nvt/secpod_python_mult_vuln_win_900105.nasl |
2008-08-15 | Name : Debian Security Advisory DSA 1620-1 (python2.5) File : nvt/deb_1620_1.nasl |
2008-04-21 | Name : Debian Security Advisory DSA 1551-1 (python2.4) File : nvt/deb_1551_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2008-217-01 python File : nvt/esoft_slk_ssa_2008_217_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
50096 | Python Overflow Python/ Multiple Files Unspecified Overflow |
50095 | Python Overflow Parser/node.c Unspecified Overflow |
50094 | Python Overflow Objects/ Multiple Files Unspecified Overflow |
50093 | Python Overflow Modules/ Multiple Files Unspecified Overflow |
50092 | Python Overflow Include/pymem.h Unspecified Overflow |
47481 | Python mysnprintf.c PyOS_vsnprintf Function Multiple Overflows Python contains a flaw that may allow a denial of service. The issue is triggered by an integer overflow in the PyOS_vsnprintf function in Python/mysnprintf.c, and will result in loss of availability for the affected process. |
47480 | Python PyMem_RESIZE Macro unicode_resize Function Unicode String Handling Mul... |
47479 | Python hashlib Module _hashopenssl.c Overflow Cryptographic Digest Manipulation |
47478 | Python Multiple Modules Multiple Unspecified Overflows |
44730 | Python PyString_FromStringAndSize Function Memory Allocation Overflow |
44693 | Python zlib Extension Module Signed Integer Handling Arbitrary Remote Code Ex... An overflow exists in python. Python fails to validate input resulting in a negative signed integer, which triggers insufficient memory allocation and a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
44463 | Python imageop.c Crafted Images Multiple Overflows |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-03 | Name : The remote host is missing a security-related patch. File : vmware_VMSA-2009-0016_remote.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_python_20130313.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1176.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1178.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-1177.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090728_python_for_SL_4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090728_python_for_SL_3_0_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090727_python_for_SL5_x.nasl - Type : ACT_GATHER_INFO |
2010-11-01 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-215.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-132.nasl - Type : ACT_GATHER_INFO |
2010-02-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1977.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1176.nasl - Type : ACT_GATHER_INFO |
2009-11-23 | Name : The remote VMware ESXi / ESX host is missing one or more security-related pat... File : vmware_VMSA-2009-0016.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12215.nasl - Type : ACT_GATHER_INFO |
2009-07-28 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1178.nasl - Type : ACT_GATHER_INFO |
2009-07-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1176.nasl - Type : ACT_GATHER_INFO |
2009-07-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1177.nasl - Type : ACT_GATHER_INFO |
2009-07-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1178.nasl - Type : ACT_GATHER_INFO |
2009-07-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-806-1.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_python-080801.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-163.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-003.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-085.nasl - Type : ACT_GATHER_INFO |
2009-02-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-001.nasl - Type : ACT_GATHER_INFO |
2008-11-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1667.nasl - Type : ACT_GATHER_INFO |
2008-09-11 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_0dccaa287f3c11dd8de50030843d3802.nasl - Type : ACT_GATHER_INFO |
2008-08-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_python-5490.nasl - Type : ACT_GATHER_INFO |
2008-08-17 | Name : The remote openSUSE host is missing a security update. File : suse_python-5491.nasl - Type : ACT_GATHER_INFO |
2008-08-05 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-217-01.nasl - Type : ACT_GATHER_INFO |
2008-08-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-632-1.nasl - Type : ACT_GATHER_INFO |
2008-08-01 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200807-16.nasl - Type : ACT_GATHER_INFO |
2008-07-28 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1620.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200807-01.nasl - Type : ACT_GATHER_INFO |
2008-04-28 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_ec41c3e2129c11ddbab70016179b2dd5.nasl - Type : ACT_GATHER_INFO |
2008-04-22 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1551.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:05:14 |
|