ID CVE-2008-5031 Type cve Reporter cve@mitre.org Modified 2019-10-25T11:53:00
Description
Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. NOTE: this vulnerability reportedly exists because of an incomplete fix for CVE-2008-2315.
{"openvas": [{"lastseen": "2018-04-06T11:40:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5031"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200907-16.", "modified": "2018-04-06T00:00:00", "published": "2009-07-29T00:00:00", "id": "OPENVAS:136141256231064438", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064438", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200907-16 (python)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple integer overflows in Python have an unspecified impact.\";\ntag_solution = \"All Python 2.5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/python-2.5.4-r2'\n\nAll Python 2.4 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/python-2.4.6'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200907-16\nhttp://bugs.gentoo.org/show_bug.cgi?id=246991\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200907-16.\";\n\n \n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64438\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2008-5031\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200907-16 (python)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 2.5.4-r2\", \"rge 2.4.6\"), vulnerable: make_list(\"lt 2.5.4-r2\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5031"], "description": "This host has Python installed and is prone to integer overflow\n vulnerability.", "modified": "2017-02-20T00:00:00", "published": "2008-11-14T00:00:00", "id": "OPENVAS:800056", "href": "http://plugins.openvas.org/nasl.php?oid=800056", "type": "openvas", "title": "Python Multiple Integer Overflow Vulnerabilities (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_python_intgr_overflow_vuln_win.nasl 5370 2017-02-20 15:24:26Z cfi $\n#\n# Python Multiple Integer Overflow Vulnerabilities (Windows)\n#\n# Authors:\n# Chandan S <schandan@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2008 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Remote exploitation will allow execution of arbitrary code via large number\n of integer values to modules.\n Impact Level: Application\";\ntag_affected = \"Python 2.5.2 on Windows.\";\ntag_insight = \"The flaw exists due the the way it handles large integer values in the\n tabsize arguments as input to expandtabs methods (string_expandtabs and\n nicode_expandtabs) in stringobject.c and unicodeobject.c.\";\ntag_solution = \"Upgrade to Python 2.5.5 or later.\n For updates refer to http://www.python.org/\";\ntag_summary = \"This host has Python installed and is prone to integer overflow\n vulnerability.\";\n\nif(description)\n{\n script_id(800056);\n script_version(\"$Revision: 5370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 16:24:26 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-11-14 10:43:16 +0100 (Fri, 14 Nov 2008)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2008-5031\");\n script_name(\"Python Multiple Integer Overflow Vulnerabilities (Windows)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2008 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"secpod_reg_enum.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(!(get_kb_item(\"SMB/WindowsVersion\"))){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\";\n\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\nforeach entry (registry_enum_keys(key:key))\n{\n pyName = registry_get_sz(key:key + entry, item:\"DisplayName\");\n if(\"Python\" >< pyName)\n {\n pyVer = eregmatch(pattern:\"[0-9.]+\", string:pyName);\n if(pyVer != NULL)\n {\n if(version_is_equal(version:pyVer[0], test_version:\"2.5.2\")){\n security_message(0);\n }\n }\n exit(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-11-13T20:25:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5031"], "description": "This host has Python installed and is prone to integer overflow\n vulnerability.", "modified": "2019-11-12T00:00:00", "published": "2008-11-14T00:00:00", "id": "OPENVAS:1361412562310800056", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310800056", "type": "openvas", "title": "Python Multiple Integer Overflow Vulnerabilities (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Python Multiple Integer Overflow Vulnerabilities (Windows)\n#\n# Authors:\n# Chandan S <schandan@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2008 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:python:python\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.800056\");\n script_version(\"2019-11-12T13:34:01+0000\");\n script_cve_id(\"CVE-2008-5031\");\n script_tag(name:\"last_modification\", value:\"2019-11-12 13:34:01 +0000 (Tue, 12 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2008-11-14 10:43:16 +0100 (Fri, 14 Nov 2008)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Python Multiple Integer Overflow Vulnerabilities (Windows)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2008 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_python_detect_win.nasl\");\n script_mandatory_keys(\"python/win/detected\");\n\n script_xref(name:\"URL\", value:\"http://www.python.org/\");\n\n script_tag(name:\"impact\", value:\"Remote exploitation will allow execution of arbitrary code via large number\n of integer values to modules.\");\n\n script_tag(name:\"affected\", value:\"Python 2.5.2 on Windows.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due the the way it handles large integer values in the\n tabsize arguments as input to expandtabs methods (string_expandtabs and\n nicode_expandtabs) in stringobject.c and unicodeobject.c.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Python 2.5.5 or later.\");\n\n script_tag(name:\"summary\", value:\"This host has Python installed and is prone to integer overflow\n vulnerability.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) )\n exit( 0 );\n\nvers = infos['version'];\npath = infos['location'];\n\nif( version_is_less_equal( version:vers, test_version:\"2.5.2\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"2.5.5\", install_path:path );\n security_message( port:0, data:report );\n}\n\nexit( 0 );\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:57:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5031"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200907-16.", "modified": "2017-07-07T00:00:00", "published": "2009-07-29T00:00:00", "id": "OPENVAS:64438", "href": "http://plugins.openvas.org/nasl.php?oid=64438", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200907-16 (python)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple integer overflows in Python have an unspecified impact.\";\ntag_solution = \"All Python 2.5 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/python-2.5.4-r2'\n\nAll Python 2.4 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/python-2.4.6'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200907-16\nhttp://bugs.gentoo.org/show_bug.cgi?id=246991\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200907-16.\";\n\n \n \n\nif(description)\n{\n script_id(64438);\n script_version(\"$Revision: 6595 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:19:55 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2008-5031\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200907-16 (python)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 2.5.4-r2\", \"rge 2.4.6\"), vulnerable: make_list(\"lt 2.5.4-r2\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2008-5031"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n python\n python-curses\n python-demo\n python-devel\n python-doc\n python-doc-pdf\n python-gdbm\n python-idle\n python-mpz\n python-tk\n python-xml\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5040780 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65048", "href": "http://plugins.openvas.org/nasl.php?oid=65048", "type": "openvas", "title": "SLES9: Security update for Python", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5040780.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Python\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n python\n python-curses\n python-demo\n python-devel\n python-doc\n python-doc-pdf\n python-gdbm\n python-idle\n python-mpz\n python-tk\n python-xml\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5040780 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65048);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-4864\", \"CVE-2008-5031\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Python\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.3.3~88.26\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:28:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2008-5031"], "description": "The remote host is missing an update to python2.5\nannounced via advisory USN-806-1.", "modified": "2017-12-01T00:00:00", "published": "2009-07-29T00:00:00", "id": "OPENVAS:64488", "href": "http://plugins.openvas.org/nasl.php?oid=64488", "type": "openvas", "title": "Ubuntu USN-806-1 (python2.5)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_806_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_806_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-806-1 (python2.5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n python2.4 2.4.3-0ubuntu6.3\n python2.4-minimal 2.4.3-0ubuntu6.3\n\nUbuntu 8.04 LTS:\n python2.4 2.4.5-1ubuntu4.2\n python2.4-minimal 2.4.5-1ubuntu4.2\n python2.5 2.5.2-2ubuntu6\n python2.5-minimal 2.5.2-2ubuntu6\n\nUbuntu 8.10:\n python2.4 2.4.5-5ubuntu1.1\n python2.4-minimal 2.4.5-5ubuntu1.1\n\nAfter a standard system upgrade you need to reboot your computer to\neffect the necessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-806-1\";\n\ntag_insight = \"It was discovered that Python incorrectly handled certain arguments in the\nimageop module. If an attacker were able to pass specially crafted\narguments through the crop function, they could execute arbitrary code with\nuser privileges. For Python 2.5, this issue only affected Ubuntu 8.04 LTS.\n(CVE-2008-4864)\n\nMultiple integer overflows were discovered in Python's stringobject and\nunicodeobject expandtabs method. If an attacker were able to exploit these\nflaws they could execute arbitrary code with user privileges or cause\nPython applications to crash, leading to a denial of service.\n(CVE-2008-5031)\";\ntag_summary = \"The remote host is missing an update to python2.5\nannounced via advisory USN-806-1.\";\n\n \n\n\nif(description)\n{\n script_id(64488);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2008-4864\", \"CVE-2008-5031\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-806-1 (python2.5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-806-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"idle-python2.4\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-doc\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-examples\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-dbg\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-dev\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-gdbm\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-minimal\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-tk\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-doc\", ver:\"2.4.5-1ubuntu4.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-examples\", ver:\"2.4.5-1ubuntu4.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.5-doc\", ver:\"2.5.2-2ubuntu6\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.5-examples\", ver:\"2.5.2-2ubuntu6\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"idle-python2.4\", ver:\"2.4.5-1ubuntu4.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"idle-python2.5\", ver:\"2.5.2-2ubuntu6\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-dbg\", ver:\"2.4.5-1ubuntu4.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-dev\", ver:\"2.4.5-1ubuntu4.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-minimal\", ver:\"2.4.5-1ubuntu4.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4\", ver:\"2.4.5-1ubuntu4.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.5-dbg\", ver:\"2.5.2-2ubuntu6\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.5-dev\", ver:\"2.5.2-2ubuntu6\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.5-minimal\", ver:\"2.5.2-2ubuntu6\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.5\", ver:\"2.5.2-2ubuntu6\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-doc\", ver:\"2.4.5-5ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-examples\", ver:\"2.4.5-5ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"idle-python2.4\", ver:\"2.4.5-5ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-dbg\", ver:\"2.4.5-5ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-dev\", ver:\"2.4.5-5ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-minimal\", ver:\"2.4.5-5ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4\", ver:\"2.4.5-5ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2008-5031"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n python\n python-curses\n python-demo\n python-devel\n python-gdbm\n python-idle\n python-tk\n python-xml\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-13T00:00:00", "id": "OPENVAS:65933", "href": "http://plugins.openvas.org/nasl.php?oid=65933", "type": "openvas", "title": "SLES10: Security update for Python", "sourceData": "#\n#VID slesp2-python-5837\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Python\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n python\n python-curses\n python-demo\n python-devel\n python-gdbm\n python-idle\n python-tk\n python-xml\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65933);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-4864\", \"CVE-2008-5031\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for Python\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-curses\", rpm:\"python-curses~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-demo\", rpm:\"python-demo~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-gdbm\", rpm:\"python-gdbm~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-idle\", rpm:\"python-idle~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-tk\", rpm:\"python-tk~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xml\", rpm:\"python-xml~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2008-5031"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n python\n python-curses\n python-demo\n python-devel\n python-doc\n python-doc-pdf\n python-gdbm\n python-idle\n python-mpz\n python-tk\n python-xml\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5040780 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065048", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065048", "type": "openvas", "title": "SLES9: Security update for Python", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5040780.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Python\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n python\n python-curses\n python-demo\n python-devel\n python-doc\n python-doc-pdf\n python-gdbm\n python-idle\n python-mpz\n python-tk\n python-xml\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5040780 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65048\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-4864\", \"CVE-2008-5031\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Python\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.3.3~88.26\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2008-5031"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n python\n python-curses\n python-demo\n python-devel\n python-gdbm\n python-idle\n python-tk\n python-xml\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-13T00:00:00", "id": "OPENVAS:136141256231065933", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065933", "type": "openvas", "title": "SLES10: Security update for Python", "sourceData": "#\n#VID slesp2-python-5837\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Python\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n python\n python-curses\n python-demo\n python-devel\n python-gdbm\n python-idle\n python-tk\n python-xml\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65933\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-4864\", \"CVE-2008-5031\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for Python\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-curses\", rpm:\"python-curses~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-demo\", rpm:\"python-demo~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-gdbm\", rpm:\"python-gdbm~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-idle\", rpm:\"python-idle~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-tk\", rpm:\"python-tk~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xml\", rpm:\"python-xml~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2007-4965", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-5031"], "description": "The remote host is missing an update to python\nannounced via advisory MDVSA-2009:003.", "modified": "2018-04-06T00:00:00", "published": "2009-01-13T00:00:00", "id": "OPENVAS:136141256231063136", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063136", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:003 (python)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_003.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:003 (python)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple integer overflows in imageop.c in the imageop module in\nPython 1.5.2 through 2.5.1 allow context-dependent attackers to\nbreak out of the Python VM and execute arbitrary code via large\ninteger values in certain arguments to the crop function, leading to\na buffer overflow, a different vulnerability than CVE-2007-4965 and\nCVE-2008-1679. (CVE-2008-4864)\n\nMultiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6,\nallow context-dependent attackers to have an unknown impact via\na large integer value in the tabsize argument to the expandtabs\nmethod, as implemented by (1) the string_expandtabs function in\nObjects/stringobject.c and (2) the unicode_expandtabs function in\nObjects/unicodeobject.c. NOTE: this vulnerability reportedly exists\nbecause of an incomplete fix for CVE-2008-2315. (CVE-2008-5031)\n\nThe updated Python packages have been patched to correct these issues.\n\nAffected: 2008.0, 2008.1, 2009.0, Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:003\";\ntag_summary = \"The remote host is missing an update to python\nannounced via advisory MDVSA-2009:003.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63136\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-13 22:38:32 +0100 (Tue, 13 Jan 2009)\");\n script_cve_id(\"CVE-2007-4965\", \"CVE-2008-1679\", \"CVE-2008-4864\", \"CVE-2008-2315\", \"CVE-2008-5031\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:003 (python)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpython2.5\", rpm:\"libpython2.5~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.5-devel\", rpm:\"libpython2.5-devel~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5\", rpm:\"lib64python2.5~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5-devel\", rpm:\"lib64python2.5-devel~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.5\", rpm:\"libpython2.5~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.5-devel\", rpm:\"libpython2.5-devel~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5\", rpm:\"lib64python2.5~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5-devel\", rpm:\"lib64python2.5-devel~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.5\", rpm:\"libpython2.5~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.5-devel\", rpm:\"libpython2.5-devel~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5\", rpm:\"lib64python2.5~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5-devel\", rpm:\"lib64python2.5-devel~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.4\", rpm:\"libpython2.4~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.4-devel\", rpm:\"libpython2.4-devel~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.4\", rpm:\"lib64python2.4~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.4-devel\", rpm:\"lib64python2.4-devel~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:08", "bulletinFamily": "unix", "cvelist": ["CVE-2008-5031"], "description": "### Background\n\nPython is an interpreted, interactive, object-oriented programming language. \n\n### Description\n\nChris Evans reported multiple integer overflows in the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. \n\n### Impact\n\nA remote attacker could exploit these vulnerabilities in Python applications or daemons that pass user-controlled input to vulnerable functions. The security impact is currently unknown but may include the execution of arbitrary code or a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Python 2.5 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/python-2.5.4-r2\"\n\nAll Python 2.4 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/python-2.4.6\"", "edition": 1, "modified": "2009-07-19T00:00:00", "published": "2009-07-19T00:00:00", "id": "GLSA-200907-16", "href": "https://security.gentoo.org/glsa/200907-16", "type": "gentoo", "title": "Python: Integer overflows", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T17:46:45", "description": "Bugtraq ID:33187\r\nCVE ID: CVE-2008-5031\r\n\r\nPython\u662f\u4e00\u6b3e\u5f00\u653e\u6e90\u4ee3\u7801\u7684\u811a\u672c\u7f16\u7a0b\u8bed\u8a00\u3002\r\nPython\u5b58\u5728\u591a\u4e2a\u6574\u6570\u6ea2\u51fa\uff0c\u5141\u8bb8\u4e0a\u4e0b\u6587\u72ec\u7acb\u7684\u653b\u51fb\u8005\u5411expandtabs\u65b9\u6cd5\u63d0\u4ea4\u5305\u542b\u8d85\u5927\u6574\u6570\u503c\u7684tabsize\u53c2\u6570\u89e6\u53d1\u3002\u5176\u4e2dObjects/stringobject.c\u4e2d\u7684string_expandtabs\u51fd\u6570\u548cObjects/unicodeobject.c\u4e2d\u7684unicode_expandtabs\u51fd\u6570\u5b9e\u73b0\u53d7\u6b64\u6f0f\u6d1e\u5f71\u54cd\u3002\n0\nPython 2.2.3 - 2.5.1\r\nPython 2.6\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\n\r\n\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://svn.python.org/view/python/trunk/Objects/unicodeobject.c?rev=61350&view=diff&r1=61350&r2=61349&p1=python/trunk/Objects/unicodeobject.c&p2=/python/trunk/Objects/unicodeobject.c\r\nhttp://svn.python.org/view/python/trunk/Objects/stringobject.c?rev=61350&view=diff&r1=61350&r2=61349&p1=python/trunk/Objects/stringobject.c&p2=/python/trunk/Objects/stringobject.c", "published": "2013-02-03T00:00:00", "title": "Python 'expandtabs'\u591a\u4e2a\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-5031"], "modified": "2013-02-03T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60622", "id": "SSV:60622", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": ""}], "nessus": [{"lastseen": "2021-01-07T10:52:33", "description": "The remote host is affected by the vulnerability described in GLSA-200907-16\n(Python: Integer overflows)\n\n Chris Evans reported multiple integer overflows in the expandtabs\n method, as implemented by (1) the string_expandtabs function in\n Objects/stringobject.c and (2) the unicode_expandtabs function in\n Objects/unicodeobject.c.\n \nImpact :\n\n A remote attacker could exploit these vulnerabilities in Python\n applications or daemons that pass user-controlled input to vulnerable\n functions. The security impact is currently unknown but may include the\n execution of arbitrary code or a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 24, "published": "2009-07-20T00:00:00", "title": "GLSA-200907-16 : Python: Integer overflows", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5031"], "modified": "2009-07-20T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:python"], "id": "GENTOO_GLSA-200907-16.NASL", "href": "https://www.tenable.com/plugins/nessus/39870", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200907-16.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39870);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-5031\");\n script_bugtraq_id(33187);\n script_xref(name:\"GLSA\", value:\"200907-16\");\n\n script_name(english:\"GLSA-200907-16 : Python: Integer overflows\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200907-16\n(Python: Integer overflows)\n\n Chris Evans reported multiple integer overflows in the expandtabs\n method, as implemented by (1) the string_expandtabs function in\n Objects/stringobject.c and (2) the unicode_expandtabs function in\n Objects/unicodeobject.c.\n \nImpact :\n\n A remote attacker could exploit these vulnerabilities in Python\n applications or daemons that pass user-controlled input to vulnerable\n functions. The security impact is currently unknown but may include the\n execution of arbitrary code or a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200907-16\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Python 2.5 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/python-2.5.4-r2'\n All Python 2.4 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/python-2.4.6'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-lang/python\", unaffected:make_list(\"ge 2.5.4-r2\", \"rge 2.4.6\"), vulnerable:make_list(\"lt 2.5.4-r2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Python\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:33:09", "description": "Integer Overflows in the python imageop module and in the expandtabs\nmethod potentially allowed attackers to execute arbitrary code.\n(CVE-2008-4864 / CVE-2008-5031)", "edition": 22, "published": "2009-09-24T00:00:00", "title": "SuSE 10 Security Update : Python (ZYPP Patch Number 5837)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2008-5031"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_PYTHON-5837.NASL", "href": "https://www.tenable.com/plugins/nessus/41581", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41581);\n script_version (\"1.11\");\n script_cvs_date(\"Date: 2019/10/25 13:36:33\");\n\n script_cve_id(\"CVE-2008-4864\", \"CVE-2008-5031\");\n\n script_name(english:\"SuSE 10 Security Update : Python (ZYPP Patch Number 5837)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Integer Overflows in the python imageop module and in the expandtabs\nmethod potentially allowed attackers to execute arbitrary code.\n(CVE-2008-4864 / CVE-2008-5031)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4864.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5031.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5837.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"python-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"python-curses-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"python-devel-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"python-gdbm-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"python-tk-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"python-xml-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"python-32bit-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"python-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"python-curses-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"python-demo-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"python-devel-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"python-gdbm-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"python-idle-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"python-tk-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"python-xml-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"python-32bit-2.4.2-18.25\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T05:50:22", "description": "Integer overflows in the python imageop module and in the expandtabs\nmethod potentially allowed attackers to execute arbitrary code.\n(CVE-2008-4864, CVE-2008-5031)", "edition": 22, "published": "2009-09-24T00:00:00", "title": "SuSE9 Security Update : Python (YOU Patch Number 12316)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2008-5031"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12316.NASL", "href": "https://www.tenable.com/plugins/nessus/41260", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(41260);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/10/25 13:36:31\");\n\n script_cve_id(\"CVE-2008-4864\", \"CVE-2008-5031\");\n\n script_name(english:\"SuSE9 Security Update : Python (YOU Patch Number 12316)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Integer overflows in the python imageop module and in the expandtabs\nmethod potentially allowed attackers to execute arbitrary code.\n(CVE-2008-4864, CVE-2008-5031)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4864.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5031.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12316.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"python-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-curses-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-demo-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-devel-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-doc-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-doc-pdf-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-gdbm-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-idle-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-mpz-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-tk-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-xml-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"python-32bit-9-200812011728\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:57:05", "description": "It was discovered that Python incorrectly handled certain arguments in\nthe imageop module. If an attacker were able to pass specially crafted\narguments through the crop function, they could execute arbitrary code\nwith user privileges. For Python 2.5, this issue only affected Ubuntu\n8.04 LTS. (CVE-2008-4864)\n\nMultiple integer overflows were discovered in Python's stringobject\nand unicodeobject expandtabs method. If an attacker were able to\nexploit these flaws they could execute arbitrary code with user\nprivileges or cause Python applications to crash, leading to a denial\nof service. (CVE-2008-5031).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2009-07-24T00:00:00", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 8.10 : python2.4, python2.5 vulnerabilities (USN-806-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2008-2315", "CVE-2008-5031"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python2.4-dev", "p-cpe:/a:canonical:ubuntu_linux:python2.4-minimal", "p-cpe:/a:canonical:ubuntu_linux:python2.4-doc", "p-cpe:/a:canonical:ubuntu_linux:idle-python2.5", "p-cpe:/a:canonical:ubuntu_linux:python2.4", "p-cpe:/a:canonical:ubuntu_linux:python2.5", "p-cpe:/a:canonical:ubuntu_linux:idle-python2.4", "p-cpe:/a:canonical:ubuntu_linux:python2.5-minimal", "p-cpe:/a:canonical:ubuntu_linux:python2.4-examples", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:python2.4-gdbm", "p-cpe:/a:canonical:ubuntu_linux:python2.5-dev", "p-cpe:/a:canonical:ubuntu_linux:python2.4-dbg", "p-cpe:/a:canonical:ubuntu_linux:python2.5-doc", "cpe:/o:canonical:ubuntu_linux:8.10", "p-cpe:/a:canonical:ubuntu_linux:python2.4-tk", "p-cpe:/a:canonical:ubuntu_linux:python2.5-dbg", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "p-cpe:/a:canonical:ubuntu_linux:python2.5-examples"], "id": "UBUNTU_USN-806-1.NASL", "href": "https://www.tenable.com/plugins/nessus/40361", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-806-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40361);\n script_version(\"1.16\");\n script_cvs_date(\"Date: 2019/08/02 13:33:02\");\n\n script_cve_id(\"CVE-2008-2315\", \"CVE-2008-4864\", \"CVE-2008-5031\");\n script_bugtraq_id(31932, 31976, 33187);\n script_xref(name:\"USN\", value:\"806-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 : python2.4, python2.5 vulnerabilities (USN-806-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Python incorrectly handled certain arguments in\nthe imageop module. If an attacker were able to pass specially crafted\narguments through the crop function, they could execute arbitrary code\nwith user privileges. For Python 2.5, this issue only affected Ubuntu\n8.04 LTS. (CVE-2008-4864)\n\nMultiple integer overflows were discovered in Python's stringobject\nand unicodeobject expandtabs method. If an attacker were able to\nexploit these flaws they could execute arbitrary code with user\nprivileges or cause Python applications to crash, leading to a denial\nof service. (CVE-2008-5031).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/806-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:idle-python2.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:idle-python2.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-gdbm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.5-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.5-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.5-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.5-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|8\\.04|8\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 8.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"idle-python2.4\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-dbg\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-dev\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-doc\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-examples\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-gdbm\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-minimal\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-tk\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"idle-python2.4\", pkgver:\"2.4.5-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"idle-python2.5\", pkgver:\"2.5.2-2ubuntu6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.4\", pkgver:\"2.4.5-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.4-dbg\", pkgver:\"2.4.5-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.4-dev\", pkgver:\"2.4.5-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.4-doc\", pkgver:\"2.4.5-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.4-examples\", pkgver:\"2.4.5-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.4-minimal\", pkgver:\"2.4.5-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.5\", pkgver:\"2.5.2-2ubuntu6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.5-dbg\", pkgver:\"2.5.2-2ubuntu6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.5-dev\", pkgver:\"2.5.2-2ubuntu6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.5-doc\", pkgver:\"2.5.2-2ubuntu6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.5-examples\", pkgver:\"2.5.2-2ubuntu6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.5-minimal\", pkgver:\"2.5.2-2ubuntu6\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"idle-python2.4\", pkgver:\"2.4.5-5ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"python2.4\", pkgver:\"2.4.5-5ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"python2.4-dbg\", pkgver:\"2.4.5-5ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"python2.4-dev\", pkgver:\"2.4.5-5ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"python2.4-doc\", pkgver:\"2.4.5-5ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"python2.4-examples\", pkgver:\"2.4.5-5ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"python2.4-minimal\", pkgver:\"2.4.5-5ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"idle-python2.4 / idle-python2.5 / python2.4 / python2.4-dbg / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T11:52:01", "description": "Multiple integer overflows in imageop.c in the imageop module in\nPython 1.5.2 through 2.5.1 allow context-dependent attackers to break\nout of the Python VM and execute arbitrary code via large integer\nvalues in certain arguments to the crop function, leading to a buffer\noverflow, a different vulnerability than CVE-2007-4965 and\nCVE-2008-1679. (CVE-2008-4864)\n\nMultiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6,\nallow context-dependent attackers to have an unknown impact via a\nlarge integer value in the tabsize argument to the expandtabs method,\nas implemented by (1) the string_expandtabs function in\nObjects/stringobject.c and (2) the unicode_expandtabs function in\nObjects/unicodeobject.c. NOTE: this vulnerability reportedly exists\nbecause of an incomplete fix for CVE-2008-2315. (CVE-2008-5031)\n\nThe updated Python packages have been patched to correct these issues.", "edition": 24, "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : python (MDVSA-2009:003)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2007-4965", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-5031"], "modified": "2009-04-23T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64python2.5-devel", "p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:libpython2.5-devel", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "cpe:/o:mandriva:linux:2008.1", "p-cpe:/a:mandriva:linux:python", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:lib64python2.5", "p-cpe:/a:mandriva:linux:python-base", "p-cpe:/a:mandriva:linux:libpython2.5"], "id": "MANDRIVA_MDVSA-2009-003.NASL", "href": "https://www.tenable.com/plugins/nessus/36693", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:003. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36693);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-4864\", \"CVE-2008-5031\");\n script_bugtraq_id(31976);\n script_xref(name:\"MDVSA\", value:\"2009:003\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2009:003)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple integer overflows in imageop.c in the imageop module in\nPython 1.5.2 through 2.5.1 allow context-dependent attackers to break\nout of the Python VM and execute arbitrary code via large integer\nvalues in certain arguments to the crop function, leading to a buffer\noverflow, a different vulnerability than CVE-2007-4965 and\nCVE-2008-1679. (CVE-2008-4864)\n\nMultiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6,\nallow context-dependent attackers to have an unknown impact via a\nlarge integer value in the tabsize argument to the expandtabs method,\nas implemented by (1) the string_expandtabs function in\nObjects/stringobject.c and (2) the unicode_expandtabs function in\nObjects/unicodeobject.c. NOTE: this vulnerability reportedly exists\nbecause of an incomplete fix for CVE-2008-2315. (CVE-2008-5031)\n\nThe updated Python packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython2.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython2.5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64python2.5-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64python2.5-devel-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libpython2.5-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libpython2.5-devel-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"python-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"python-base-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"python-docs-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tkinter-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tkinter-apps-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64python2.5-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64python2.5-devel-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libpython2.5-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libpython2.5-devel-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"python-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"python-base-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"python-docs-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tkinter-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tkinter-apps-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64python2.5-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64python2.5-devel-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libpython2.5-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libpython2.5-devel-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"python-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"python-base-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"python-docs-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tkinter-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tkinter-apps-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T05:33:26", "description": "When the assert() system call was disabled, an input sanitization flaw\nwas revealed in the Python string object implementation that led to a\nbuffer overflow. The missing check for negative size values meant the\nPython memory allocator could allocate less memory than expected. This\ncould result in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python\nUnicode string processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial\nof service (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop\nmodule. If a Python application used the imageop module to process\nuntrusted images, it could cause the application to crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2008-1679, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws\nto cause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules.\nAn attacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nWould like to thank David Remahl of the Apple Product Security team\nfor responsibly reporting the CVE-2008-1679 and CVE-2008-2315 issues.", "edition": 25, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : python for SL 3.0.x on i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3143", "CVE-2008-4864", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-1887", "CVE-2008-5031"], "modified": "2021-01-02T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090728_PYTHON_FOR_SL_3_0_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60624", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60624);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/25 13:36:18\");\n\n script_cve_id(\"CVE-2008-1679\", \"CVE-2008-1887\", \"CVE-2008-2315\", \"CVE-2008-3142\", \"CVE-2008-3143\", \"CVE-2008-3144\", \"CVE-2008-4864\", \"CVE-2008-5031\");\n\n script_name(english:\"Scientific Linux Security Update : python for SL 3.0.x on i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"When the assert() system call was disabled, an input sanitization flaw\nwas revealed in the Python string object implementation that led to a\nbuffer overflow. The missing check for negative size values meant the\nPython memory allocator could allocate less memory than expected. This\ncould result in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python\nUnicode string processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial\nof service (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop\nmodule. If a Python application used the imageop module to process\nuntrusted images, it could cause the application to crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2008-1679, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws\nto cause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules.\nAn attacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nWould like to thank David Remahl of the Apple Product Security team\nfor responsibly reporting the CVE-2008-1679 and CVE-2008-2315 issues.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0907&L=scientific-linux-errata&T=0&P=2408\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?492e1514\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"python-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"python-devel-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"python-docs-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"python-tools-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"tkinter-2.2.3-6.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T04:57:02", "description": "Updated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw\nwas revealed in the Python string object implementation that led to a\nbuffer overflow. The missing check for negative size values meant the\nPython memory allocator could allocate less memory than expected. This\ncould result in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python\nUnicode string processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial\nof service (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop\nmodule. If a Python application used the imageop module to process\nuntrusted images, it could cause the application to crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2008-1679, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws\nto cause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules.\nAn attacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nRed Hat would like to thank David Remahl of the Apple Product Security\nteam for responsibly reporting the CVE-2008-1679 and CVE-2008-2315\nissues.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.", "edition": 27, "published": "2009-07-28T00:00:00", "title": "RHEL 3 : python (RHSA-2009:1178)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3143", "CVE-2008-4864", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-1887", "CVE-2008-5031"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "p-cpe:/a:redhat:enterprise_linux:python-tools", "p-cpe:/a:redhat:enterprise_linux:python", "p-cpe:/a:redhat:enterprise_linux:python-devel", "p-cpe:/a:redhat:enterprise_linux:tkinter"], "id": "REDHAT-RHSA-2009-1178.NASL", "href": "https://www.tenable.com/plugins/nessus/40402", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1178. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40402);\n script_version (\"1.25\");\n script_cvs_date(\"Date: 2019/10/25 13:36:14\");\n\n script_cve_id(\"CVE-2008-1679\", \"CVE-2008-1887\", \"CVE-2008-2315\", \"CVE-2008-3142\", \"CVE-2008-3143\", \"CVE-2008-3144\", \"CVE-2008-4864\", \"CVE-2008-5031\");\n script_bugtraq_id(28715, 28749, 30491, 31932, 31976, 33187);\n script_xref(name:\"RHSA\", value:\"2009:1178\");\n\n script_name(english:\"RHEL 3 : python (RHSA-2009:1178)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw\nwas revealed in the Python string object implementation that led to a\nbuffer overflow. The missing check for negative size values meant the\nPython memory allocator could allocate less memory than expected. This\ncould result in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python\nUnicode string processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial\nof service (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop\nmodule. If a Python application used the imageop module to process\nuntrusted images, it could cause the application to crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2008-1679, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws\nto cause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules.\nAn attacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nRed Hat would like to thank David Remahl of the Apple Product Security\nteam for responsibly reporting the CVE-2008-1679 and CVE-2008-2315\nissues.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1679\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1887\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2315\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3142\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3143\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3144\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1178\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1178\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"python-2.2.3-6.11\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"python-devel-2.2.3-6.11\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"python-tools-2.2.3-6.11\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"tkinter-2.2.3-6.11\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-devel / python-tools / tkinter\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T04:35:58", "description": "From Red Hat Security Advisory 2009:1178 :\n\nUpdated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw\nwas revealed in the Python string object implementation that led to a\nbuffer overflow. The missing check for negative size values meant the\nPython memory allocator could allocate less memory than expected. This\ncould result in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python\nUnicode string processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial\nof service (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop\nmodule. If a Python application used the imageop module to process\nuntrusted images, it could cause the application to crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2008-1679, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws\nto cause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules.\nAn attacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nRed Hat would like to thank David Remahl of the Apple Product Security\nteam for responsibly reporting the CVE-2008-1679 and CVE-2008-2315\nissues.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.", "edition": 25, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 : python (ELSA-2009-1178)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3143", "CVE-2008-4864", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-1887", "CVE-2008-5031"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:tkinter", "p-cpe:/a:oracle:linux:python", "p-cpe:/a:oracle:linux:python-tools", "cpe:/o:oracle:linux:3", "p-cpe:/a:oracle:linux:python-devel"], "id": "ORACLELINUX_ELSA-2009-1178.NASL", "href": "https://www.tenable.com/plugins/nessus/67898", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1178 and \n# Oracle Linux Security Advisory ELSA-2009-1178 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67898);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/10/25 13:36:08\");\n\n script_cve_id(\"CVE-2008-1679\", \"CVE-2008-1887\", \"CVE-2008-2315\", \"CVE-2008-3142\", \"CVE-2008-3143\", \"CVE-2008-3144\", \"CVE-2008-4864\", \"CVE-2008-5031\");\n script_bugtraq_id(28715, 28749, 30491, 31932, 31976, 33187);\n script_xref(name:\"RHSA\", value:\"2009:1178\");\n\n script_name(english:\"Oracle Linux 3 : python (ELSA-2009-1178)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1178 :\n\nUpdated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw\nwas revealed in the Python string object implementation that led to a\nbuffer overflow. The missing check for negative size values meant the\nPython memory allocator could allocate less memory than expected. This\ncould result in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python\nUnicode string processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial\nof service (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop\nmodule. If a Python application used the imageop module to process\nuntrusted images, it could cause the application to crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2008-1679, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws\nto cause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules.\nAn attacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nRed Hat would like to thank David Remahl of the Apple Product Security\nteam for responsibly reporting the CVE-2008-1679 and CVE-2008-2315\nissues.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-July/001092.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"python-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"python-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"python-devel-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"python-devel-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"python-tools-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"python-tools-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"tkinter-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"tkinter-2.2.3-6.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-devel / python-tools / tkinter\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:25:50", "description": "Updated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw\nwas revealed in the Python string object implementation that led to a\nbuffer overflow. The missing check for negative size values meant the\nPython memory allocator could allocate less memory than expected. This\ncould result in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python\nUnicode string processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial\nof service (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop\nmodule. If a Python application used the imageop module to process\nuntrusted images, it could cause the application to crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2008-1679, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws\nto cause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules.\nAn attacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nRed Hat would like to thank David Remahl of the Apple Product Security\nteam for responsibly reporting the CVE-2008-1679 and CVE-2008-2315\nissues.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.", "edition": 28, "published": "2009-07-28T00:00:00", "title": "CentOS 3 : python (CESA-2009:1178)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3143", "CVE-2008-4864", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-1887", "CVE-2008-5031"], "modified": "2009-07-28T00:00:00", "cpe": ["p-cpe:/a:centos:centos:tkinter", "p-cpe:/a:centos:centos:python-devel", "p-cpe:/a:centos:centos:python", "p-cpe:/a:centos:centos:python-docs", "p-cpe:/a:centos:centos:python-tools", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2009-1178.NASL", "href": "https://www.tenable.com/plugins/nessus/40394", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1178 and \n# CentOS Errata and Security Advisory 2009:1178 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40394);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-1679\", \"CVE-2008-1887\", \"CVE-2008-2315\", \"CVE-2008-3142\", \"CVE-2008-3143\", \"CVE-2008-3144\", \"CVE-2008-4864\", \"CVE-2008-5031\");\n script_bugtraq_id(28715, 28749, 30491, 31932, 31976, 33187);\n script_xref(name:\"RHSA\", value:\"2009:1178\");\n\n script_name(english:\"CentOS 3 : python (CESA-2009:1178)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw\nwas revealed in the Python string object implementation that led to a\nbuffer overflow. The missing check for negative size values meant the\nPython memory allocator could allocate less memory than expected. This\ncould result in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python\nUnicode string processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial\nof service (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop\nmodule. If a Python application used the imageop module to process\nuntrusted images, it could cause the application to crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2008-1679, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws\nto cause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules.\nAn attacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nRed Hat would like to thank David Remahl of the Apple Product Security\nteam for responsibly reporting the CVE-2008-1679 and CVE-2008-2315\nissues.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-July/016040.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fe2ccaf6\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-July/016041.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dfc5e7af\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"python-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"python-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"python-devel-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"python-devel-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"python-docs-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"python-docs-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"python-tools-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"python-tools-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"tkinter-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"tkinter-2.2.3-6.11\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-devel / python-docs / python-tools / tkinter\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T04:57:01", "description": "Updated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw\nwas revealed in the Python string object implementation that led to a\nbuffer overflow. The missing check for negative size values meant the\nPython memory allocator could allocate less memory than expected. This\ncould result in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python\nUnicode string processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial\nof service (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop\nmodule. If a Python application used the imageop module to process\nuntrusted images, it could cause the application to crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2008-1679, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws\nto cause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules.\nAn attacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nAn integer signedness error, leading to a buffer overflow, was found\nin the Python zlib extension module. If a Python application requested\nthe negative byte count be flushed for a decompression stream, it\ncould cause the application to crash or, potentially, execute\narbitrary code with the Python interpreter's privileges.\n(CVE-2008-1721)\n\nRed Hat would like to thank David Remahl of the Apple Product Security\nteam for responsibly reporting the CVE-2008-1679 and CVE-2008-2315\nissues.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.", "edition": 27, "published": "2009-07-28T00:00:00", "title": "RHEL 4 : python (RHSA-2009:1177)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1721", "CVE-2008-3143", "CVE-2008-4864", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-1887", "CVE-2008-5031"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:python-tools", "p-cpe:/a:redhat:enterprise_linux:python", "p-cpe:/a:redhat:enterprise_linux:python-devel", "p-cpe:/a:redhat:enterprise_linux:tkinter", "cpe:/o:redhat:enterprise_linux:4.8", "p-cpe:/a:redhat:enterprise_linux:python-docs"], "id": "REDHAT-RHSA-2009-1177.NASL", "href": "https://www.tenable.com/plugins/nessus/40401", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1177. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(40401);\n script_version (\"1.26\");\n script_cvs_date(\"Date: 2019/10/25 13:36:14\");\n\n script_cve_id(\"CVE-2008-1679\", \"CVE-2008-1721\", \"CVE-2008-1887\", \"CVE-2008-2315\", \"CVE-2008-3142\", \"CVE-2008-3143\", \"CVE-2008-3144\", \"CVE-2008-4864\", \"CVE-2008-5031\");\n script_bugtraq_id(28715, 28749, 30491, 31932, 31976, 33187);\n script_xref(name:\"RHSA\", value:\"2009:1177\");\n\n script_name(english:\"RHEL 4 : python (RHSA-2009:1177)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw\nwas revealed in the Python string object implementation that led to a\nbuffer overflow. The missing check for negative size values meant the\nPython memory allocator could allocate less memory than expected. This\ncould result in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python\nUnicode string processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial\nof service (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop\nmodule. If a Python application used the imageop module to process\nuntrusted images, it could cause the application to crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2008-1679, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws\nto cause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules.\nAn attacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nAn integer signedness error, leading to a buffer overflow, was found\nin the Python zlib extension module. If a Python application requested\nthe negative byte count be flushed for a decompression stream, it\ncould cause the application to crash or, potentially, execute\narbitrary code with the Python interpreter's privileges.\n(CVE-2008-1721)\n\nRed Hat would like to thank David Remahl of the Apple Product Security\nteam for responsibly reporting the CVE-2008-1679 and CVE-2008-2315\nissues.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1679\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1721\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-1887\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2315\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3142\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3143\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3144\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-4864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5031\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1177\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/04/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1177\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"python-2.3.4-14.7.el4_8.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"python-devel-2.3.4-14.7.el4_8.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"python-docs-2.3.4-14.7.el4_8.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"python-tools-2.3.4-14.7.el4_8.2\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"tkinter-2.3.4-14.7.el4_8.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-devel / python-docs / python-tools / tkinter\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-09T00:23:57", "bulletinFamily": "unix", "cvelist": ["CVE-2008-4864", "CVE-2008-5031"], "description": "It was discovered that Python incorrectly handled certain arguments in the \nimageop module. If an attacker were able to pass specially crafted \narguments through the crop function, they could execute arbitrary code with \nuser privileges. For Python 2.5, this issue only affected Ubuntu 8.04 LTS. \n(CVE-2008-4864)\n\nMultiple integer overflows were discovered in Python's stringobject and \nunicodeobject expandtabs method. If an attacker were able to exploit these \nflaws they could execute arbitrary code with user privileges or cause \nPython applications to crash, leading to a denial of service. \n(CVE-2008-5031)", "edition": 5, "modified": "2009-07-23T00:00:00", "published": "2009-07-23T00:00:00", "id": "USN-806-1", "href": "https://ubuntu.com/security/notices/USN-806-1", "title": "Python vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:44:36", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1679", "CVE-2008-1887", "CVE-2008-2315", "CVE-2008-3142", "CVE-2008-3143", "CVE-2008-3144", "CVE-2008-4864", "CVE-2008-5031"], "description": "Python is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw was\nrevealed in the Python string object implementation that led to a buffer\noverflow. The missing check for negative size values meant the Python\nmemory allocator could allocate less memory than expected. This could\nresult in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python Unicode\nstring processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial of\nservice (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop module. If\na Python application used the imageop module to process untrusted images,\nit could cause the application to crash or, potentially, execute arbitrary\ncode with the Python interpreter's privileges. (CVE-2008-1679,\nCVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws to\ncause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules. An\nattacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nRed Hat would like to thank David Remahl of the Apple Product Security team\nfor responsibly reporting the CVE-2008-1679 and CVE-2008-2315 issues.\n\nAll Python users should upgrade to these updated packages, which contain\nbackported patches to correct these issues.", "modified": "2018-05-26T04:26:17", "published": "2009-07-27T04:00:00", "id": "RHSA-2009:1178", "href": "https://access.redhat.com/errata/RHSA-2009:1178", "type": "redhat", "title": "(RHSA-2009:1178) Moderate: python security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:28", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1679", "CVE-2008-1721", "CVE-2008-1887", "CVE-2008-2315", "CVE-2008-3142", "CVE-2008-3143", "CVE-2008-3144", "CVE-2008-4864", "CVE-2008-5031"], "description": "Python is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw was\nrevealed in the Python string object implementation that led to a buffer\noverflow. The missing check for negative size values meant the Python\nmemory allocator could allocate less memory than expected. This could\nresult in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python Unicode\nstring processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial of\nservice (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop module. If\na Python application used the imageop module to process untrusted images,\nit could cause the application to crash or, potentially, execute arbitrary\ncode with the Python interpreter's privileges. (CVE-2008-1679,\nCVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws to\ncause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules. An\nattacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nAn integer signedness error, leading to a buffer overflow, was found\nin the Python zlib extension module. If a Python application requested\nthe negative byte count be flushed for a decompression stream, it could\ncause the application to crash or, potentially, execute arbitrary code\nwith the Python interpreter's privileges. (CVE-2008-1721)\n\nRed Hat would like to thank David Remahl of the Apple Product Security team\nfor responsibly reporting the CVE-2008-1679 and CVE-2008-2315 issues.\n\nAll Python users should upgrade to these updated packages, which contain\nbackported patches to correct these issues.", "modified": "2017-09-08T11:50:33", "published": "2009-07-27T04:00:00", "id": "RHSA-2009:1177", "href": "https://access.redhat.com/errata/RHSA-2009:1177", "type": "redhat", "title": "(RHSA-2009:1177) Moderate: python security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:33", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2052", "CVE-2007-4965", "CVE-2008-1721", "CVE-2008-1887", "CVE-2008-2315", "CVE-2008-3142", "CVE-2008-3143", "CVE-2008-3144", "CVE-2008-4864", "CVE-2008-5031"], "description": "Python is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw was\nrevealed in the Python string object implementation that led to a buffer\noverflow. The missing check for negative size values meant the Python\nmemory allocator could allocate less memory than expected. This could\nresult in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python Unicode\nstring processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial of\nservice (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop module. If\na Python application used the imageop module to process untrusted images,\nit could cause the application to disclose sensitive information, crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2007-4965, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws to\ncause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules. An\nattacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nAn integer signedness error, leading to a buffer overflow, was found\nin the Python zlib extension module. If a Python application requested\nthe negative byte count be flushed for a decompression stream, it could\ncause the application to crash or, potentially, execute arbitrary code\nwith the Python interpreter's privileges. (CVE-2008-1721)\n\nA flaw was discovered in the strxfrm() function of the Python locale\nmodule. Strings generated by this function were not properly\nNULL-terminated, which could possibly cause disclosure of data stored in\nthe memory of a Python application using this function. (CVE-2007-2052)\n\nRed Hat would like to thank David Remahl of the Apple Product Security team\nfor responsibly reporting the CVE-2008-2315 issue.\n\nAll Python users should upgrade to these updated packages, which contain\nbackported patches to correct these issues.", "modified": "2017-09-08T12:10:58", "published": "2009-07-27T04:00:00", "id": "RHSA-2009:1176", "href": "https://access.redhat.com/errata/RHSA-2009:1176", "type": "redhat", "title": "(RHSA-2009:1176) Moderate: python security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:27:58", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3143", "CVE-2008-4864", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-1887", "CVE-2008-5031"], "description": "**CentOS Errata and Security Advisory** CESA-2009:1178\n\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw was\nrevealed in the Python string object implementation that led to a buffer\noverflow. The missing check for negative size values meant the Python\nmemory allocator could allocate less memory than expected. This could\nresult in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python Unicode\nstring processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial of\nservice (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop module. If\na Python application used the imageop module to process untrusted images,\nit could cause the application to crash or, potentially, execute arbitrary\ncode with the Python interpreter's privileges. (CVE-2008-1679,\nCVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws to\ncause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules. An\nattacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nRed Hat would like to thank David Remahl of the Apple Product Security team\nfor responsibly reporting the CVE-2008-1679 and CVE-2008-2315 issues.\n\nAll Python users should upgrade to these updated packages, which contain\nbackported patches to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-July/028078.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-July/028079.html\n\n**Affected packages:**\npython\npython-devel\npython-docs\npython-tools\ntkinter\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1178.html", "edition": 4, "modified": "2009-07-27T15:26:24", "published": "2009-07-27T15:25:44", "href": "http://lists.centos.org/pipermail/centos-announce/2009-July/028078.html", "id": "CESA-2009:1178", "title": "python, tkinter security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:24:11", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2052", "CVE-2008-1721", "CVE-2008-3143", "CVE-2008-4864", "CVE-2007-4965", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1887", "CVE-2008-5031"], "description": "**CentOS Errata and Security Advisory** CESA-2009:1176\n\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw was\nrevealed in the Python string object implementation that led to a buffer\noverflow. The missing check for negative size values meant the Python\nmemory allocator could allocate less memory than expected. This could\nresult in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python Unicode\nstring processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial of\nservice (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop module. If\na Python application used the imageop module to process untrusted images,\nit could cause the application to disclose sensitive information, crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2007-4965, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws to\ncause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules. An\nattacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nAn integer signedness error, leading to a buffer overflow, was found\nin the Python zlib extension module. If a Python application requested\nthe negative byte count be flushed for a decompression stream, it could\ncause the application to crash or, potentially, execute arbitrary code\nwith the Python interpreter's privileges. (CVE-2008-1721)\n\nA flaw was discovered in the strxfrm() function of the Python locale\nmodule. Strings generated by this function were not properly\nNULL-terminated, which could possibly cause disclosure of data stored in\nthe memory of a Python application using this function. (CVE-2007-2052)\n\nRed Hat would like to thank David Remahl of the Apple Product Security team\nfor responsibly reporting the CVE-2008-2315 issue.\n\nAll Python users should upgrade to these updated packages, which contain\nbackported patches to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-July/028088.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-July/028089.html\n\n**Affected packages:**\npython\npython-devel\npython-tools\ntkinter\n\n**Upstream details at:**\n", "edition": 3, "modified": "2009-07-29T17:31:50", "published": "2009-07-29T17:31:50", "href": "http://lists.centos.org/pipermail/centos-announce/2009-July/028088.html", "id": "CESA-2009:1176", "title": "python, tkinter security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:57", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3143", "CVE-2008-4864", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-1887", "CVE-2008-5031"], "description": "[2.2.3-6.11]\n- Fix all of the low priority security bugs:\n- Resolves: rhbz#486114\n- Multiple integer overflows in python core (CVE-2008-2315)\n- Resolves: 455008\n- PyString_FromStringAndSize does not check for negative size values (CVE-2008-1887)\n- Resolves: 443810\n- Multiple integer overflows discovered by Google (CVE-2008-3143) \n- Resolves: 455013\n- Multiple buffer overflows in unicode processing (CVE-2008-3142)\n- Resolves: 454990\n- Potential integer underflow and overflow in the PyOS_vsnprintf C API function (CVE-2008-3144)\n- Resolves: 455018\n- imageop module multiple integer overflows (CVE-2008-4864)\n- Resolves: 469656\n- stringobject, unicodeobject integer overflows (CVE-2008-5031)\n- Resolves: 470915\n- imageop module integer overflows (CVE-2008-1679)\n- CVE-2008-1679 patch is part of python-2.2.3-CVE-2008-4864-imageop-1.patch\n- Resolves: 441306", "edition": 4, "modified": "2009-07-27T00:00:00", "published": "2009-07-27T00:00:00", "id": "ELSA-2009-1178", "href": "http://linux.oracle.com/errata/ELSA-2009-1178.html", "title": "python security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:40", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1721", "CVE-2008-3143", "CVE-2008-4864", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-1887", "CVE-2008-5031"], "description": "[2.3.4-14.7.el4_8.2]\n- Fix all of the low priority security bugs:\n- Resolves: rhbz#486329\n- Multiple integer overflows in python core (CVE-2008-2315)\n- Resolves: 455008 \n- PyString_FromStringAndSize does not check for negative size values (CVE-2008-1887)\n- Resolves: 443810\n- Multiple integer overflows discovered by Google (CVE-2008-3143)\n- Resolves: 455013 \n- Multiple buffer overflows in unicode processing (CVE-2008-3142)\n- Resolves: 454990\n- Potential integer underflow and overflow in the PyOS_vsnprintf C API function (CVE-2008-3144)\n- Resolves: 455018\n- imageop module multiple integer overflows (CVE-2008-4864)\n- Resolves: 469656\n- stringobject, unicodeobject integer overflows (CVE-2008-5031)\n- Resolves: 470915\n- integer signedness error in the zlib extension module (CVE-2008-1721)\n- Resolves: 442005\n- imageop module integer overflows (CVE-2008-1679)\n- CVE-2008-1679 patch is part of python-2.3.4-CVE-2008-4864-imageop-{1,2}.patch\n- Resolves: 441306 ", "edition": 4, "modified": "2009-07-27T00:00:00", "published": "2009-07-27T00:00:00", "id": "ELSA-2009-1177", "href": "http://linux.oracle.com/errata/ELSA-2009-1177.html", "title": "python security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:25", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2052", "CVE-2008-1721", "CVE-2008-3143", "CVE-2008-4864", "CVE-2007-4965", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1887", "CVE-2008-5031"], "description": "[2.4.3-24.el5_3.6]\n- Fix all of the low priority security bugs:\n- Resolves: rhbz#486351\n- Multiple integer overflows in python core (CVE-2008-2315)\n- Resolves: 455008\n- PyString_FromStringAndSize does not check for negative size values (CVE-2008-1887)\n- Resolves: 443810\n- Multiple integer overflows discovered by Google (CVE-2008-3143)\n- Resolves: 455013\n- Multiple buffer overflows in unicode processing (CVE-2008-3142)\n- Resolves: 454990\n- Potential integer underflow and overflow in the PyOS_vsnprintf C API function (CVE-2008-3144)\n- Resolves: 455018\n- imageop module multiple integer overflows (CVE-2008-4864)\n- Resolves: 469656\n- stringobject, unicodeobject integer overflows (CVE-2008-5031) \n- Resolves: 470915\n- integer signedness error in the zlib extension module (CVE-2008-1721)\n- Resolves: 442005\n- off-by-one locale.strxfrm() (possible memory disclosure) (CVE-2007-2052)\n- Resolves: 235093\n- imageop module heap corruption (CVE-2007-4965)\n- Resolves: 295971 ", "edition": 4, "modified": "2009-07-27T00:00:00", "published": "2009-07-27T00:00:00", "id": "ELSA-2009-1176", "href": "http://linux.oracle.com/errata/ELSA-2009-1176.html", "title": "python security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "vmware": [{"lastseen": "2019-11-06T16:05:47", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5342", "CVE-2007-2052", "CVE-2009-1095", "CVE-2009-1093", "CVE-2009-1104", "CVE-2009-1096", "CVE-2009-2670", "CVE-2009-1895", "CVE-2009-2692", "CVE-2009-1099", "CVE-2009-2716", "CVE-2009-2417", "CVE-2008-1721", "CVE-2009-1097", "CVE-2008-3143", "CVE-2009-2414", "CVE-2008-4864", "CVE-2009-1385", "CVE-2008-5700", "CVE-2008-3528", "CVE-2009-0033", "CVE-2009-2723", "CVE-2009-2718", "CVE-2007-5333", "CVE-2009-0675", "CVE-2009-0747", "CVE-2009-0787", "CVE-2009-2416", "CVE-2008-4307", "CVE-2009-0696", "CVE-2009-2722", "CVE-2007-4965", "CVE-2009-0746", "CVE-2009-0580", "CVE-2009-2698", "CVE-2009-0028", "CVE-2009-2720", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-2625", "CVE-2008-1947", "CVE-2009-0778", "CVE-2009-2673", "CVE-2009-1100", "CVE-2008-3144", "CVE-2009-1072", "CVE-2009-0322", "CVE-2009-0159", "CVE-2009-0676", "CVE-2009-1192", "CVE-2009-1098", "CVE-2009-1094", "CVE-2009-0745", "CVE-2007-5461", "CVE-2008-3142", "CVE-2009-2407", "CVE-2009-1106", "CVE-2009-1337", "CVE-2009-1103", "CVE-2007-5966", "CVE-2009-1388", "CVE-2009-0783", "CVE-2009-0269", "CVE-2007-6286", "CVE-2009-2724", "CVE-2009-1389", "CVE-2008-2370", "CVE-2009-0834", "CVE-2009-1633", "CVE-2008-2315", "CVE-2009-0748", "CVE-2009-1101", "CVE-2009-2406", "CVE-2009-1439", "CVE-2009-1336", "CVE-2009-2848", "CVE-2009-1252", "CVE-2008-1887", "CVE-2009-1107", "CVE-2009-2671", "CVE-2008-1232", "CVE-2008-5031", "CVE-2009-1102", "CVE-2009-1630", "CVE-2009-2672", "CVE-2009-2847", "CVE-2009-2719", "CVE-2009-2676", "CVE-2009-1105", "CVE-2009-2721", "CVE-2009-2675", "CVE-2008-0002"], "description": "a. JRE Security Update \n \nJRE update to version 1.5.0_20, which addresses multiple security \nissues that existed in earlier releases of JRE. \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has \nassigned the following names to the security issues fixed in \nJRE 1.5.0_18: CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, \nCVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, \nCVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103, \nCVE-2009-1104, CVE-2009-1105, CVE-2009-1106, and CVE-2009-1107. \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has \nassigned the following names to the security issues fixed in \nJRE 1.5.0_20: CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, \nCVE-2009-2672, CVE-2009-2673, CVE-2009-2675, CVE-2009-2676, \nCVE-2009-2716, CVE-2009-2718, CVE-2009-2719, CVE-2009-2720, \nCVE-2009-2721, CVE-2009-2722, CVE-2009-2723, CVE-2009-2724. \nThe following table lists what action remediates the vulnerability \n(column 4) if a solution is available. \n\n", "edition": 4, "modified": "2010-03-29T00:00:00", "published": "2009-11-20T00:00:00", "id": "VMSA-2009-0016", "href": "https://www.vmware.com/security/advisories/VMSA-2009-0016.html", "title": "VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.", "type": "vmware", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
