Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-2880-1:28B7E
HistoryMar 17, 2014 - 6:07 p.m.

[SECURITY] [DSA 2880-1] python2.7 security update

2014-03-1718:07:37
lists.debian.org
27

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.53 Medium

EPSS

Percentile

97.6%

JSON

Debian Security Advisory DSA-2880-1 [email protected]
http://www.debian.org/security/ Moritz Muehlenhoff
March 17, 2014 http://www.debian.org/security/faq

Package : python2.7
CVE ID : CVE-2013-4238 CVE-2014-1912

Multiple security issues were discovered in Python:

CVE-2013-4238

Ryan Sleevi that NULL charactors in the subject alternate names of
SSL cerficates were parsed incorrectly.

CVE-2014-1912

Ryan Smith-Roberts discovered a buffer overflow in the 
socket.recvfrom_into() function.

For the stable distribution (wheezy), these problems have been fixed in
version 2.7.3-6+deb7u2.

For the unstable distribution (sid), these problems have been fixed in
version 2.7.6-7.

We recommend that you upgrade your python2.7 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian7kfreebsd-amd64python2.7-dbg< 2.7.3-6+deb7u2python2.7-dbg_2.7.3-6+deb7u2_kfreebsd-amd64.deb
Debian7allpython2.7< 2.7.3-6+deb7u2python2.7_2.7.3-6+deb7u2_all.deb
Debian7s390python2.7-dev< 2.7.3-6+deb7u2python2.7-dev_2.7.3-6+deb7u2_s390.deb
Debian7armelpython2.7-minimal< 2.7.3-6+deb7u2python2.7-minimal_2.7.3-6+deb7u2_armel.deb
Debian6amd64python2.6< 2.6.6-8+deb6u1python2.6_2.6.6-8+deb6u1_amd64.deb
Debian7s390xlibpython2.7< 2.7.3-6+deb7u2libpython2.7_2.7.3-6+deb7u2_s390x.deb
Debian7allpython2.7-examples< 2.7.3-6+deb7u2python2.7-examples_2.7.3-6+deb7u2_all.deb
Debian7s390xpython2.7-dbg< 2.7.3-6+deb7u2python2.7-dbg_2.7.3-6+deb7u2_s390x.deb
Debian7kfreebsd-amd64python2.7< 2.7.3-6+deb7u2python2.7_2.7.3-6+deb7u2_kfreebsd-amd64.deb
Debian6i386libpython2.6< 2.6.6-8+deb6u1libpython2.6_2.6.6-8+deb6u1_i386.deb
Rows per page:
1-10 of 831

Related

osv 4
openvas 62
nessus 56
seebug 3
exploitpack 1
zdt 1
fedora 12
securityvulns 6
debiancve 2
ubuntu 5
cve 3
amazon 4
freebsd 1
prion 3
ubuntucve 2
oraclelinux 3
redhat 4
centos 2
exploitdb 1
mageia 3
f5 3
veracode 6
debian 1
ibm 4
gentoo 1
vmware 2
suse 1
rosalinux 1
oracle 1
osv
osv
python2.7 - security update
2014-03-17 00:00:00
python2.6 - regression update
2014-07-31 00:00:00
python2.6 - regression update
2014-07-31 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2880-1)
2014-03-16 00:00:00
Debian Security Advisory DSA 2880-1 (python2.7 - security update)
2014-03-17 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:1006-1)
2021-06-09 00:00:00
nessus
nessus
Debian DSA-2880-1 : python2.7 - security update
2014-03-18 00:00:00
openSUSE Security Update : python (openSUSE-SU-2014:0380-1)
2014-06-13 00:00:00
Mandriva Linux Security Advisory : python (MDVSA-2014:041)
2014-02-20 00:00:00
seebug
seebug
Python &quot;sock_recvfrom_into()&quot; 缓冲区溢出漏洞
2014-02-25 00:00:00
Python socket.recvfrom_into() - Remote Buffer Overflow
2014-07-01 00:00:00
Python多个安全漏洞
2013-12-30 00:00:00
exploitpack
exploitpack
Python - socket.recvfrom_into() Remote Buffer Overflow
2014-02-24 00:00:00
zdt
zdt
Python socket.recvfrom_into() remote buffer overflow exploit
2014-02-23 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: python-2.7.5-10.fc20
2014-02-14 07:51:33
[SECURITY] Fedora 20 Update: python3-3.3.2-9.fc20
2014-02-15 07:05:19
[SECURITY] Fedora 19 Update: python-2.7.5-4.fc19
2013-08-24 22:27:19
securityvulns
securityvulns
[ MDVSA-2014:041 ] python
2014-03-03 00:00:00
Python buffer overflow
2014-03-03 00:00:00
Python SSL certificate check bypass
2013-10-02 00:00:00
debiancve
debiancve
CVE-2014-1912
2014-03-01 00:55:00
CVE-2013-4238
2013-08-18 02:52:00
ubuntu
ubuntu
Python vulnerability
2014-03-03 00:00:00
Python 2.6 vulnerability
2013-10-01 00:00:00
Python 2.7 vulnerabilities
2013-10-01 00:00:00
cve
cve
CVE-2014-1912
2014-03-01 00:55:00
CVE-2013-4328
2013-08-27 03:34:00
CVE-2013-4238
2013-08-18 02:52:00
amazon
amazon
Medium: python27
2014-02-26 14:28:00
Medium: python26
2014-02-26 14:28:00
Medium: python27
2013-09-04 13:31:00
freebsd
freebsd
Python -- buffer overflow in socket.recvfrom_into()
2014-01-14 00:00:00
prion
prion
Buffer overflow
2014-03-01 00:55:00
Design/Logic Flaw
2013-08-18 02:52:00
Design/Logic Flaw
2013-08-27 03:34:00
ubuntucve
ubuntucve
CVE-2014-1912
2014-02-21 00:00:00
CVE-2013-4238
2013-08-17 00:00:00
oraclelinux
oraclelinux
python security, bug fix, and enhancement update
2013-11-26 00:00:00
python security, bug fix, and enhancement update
2015-07-28 00:00:00
python27 security, bug fix, and enhancement update
2016-02-04 00:00:00
redhat
redhat
(RHSA-2013:1582) Moderate: python security, bug fix, and enhancement update
2013-11-21 00:00:00
(RHSA-2015:1330) Moderate: python security, bug fix, and enhancement update
2015-07-22 00:00:00
(RHSA-2015:1064) Moderate: python27 security, bug fix, and enhancement update
2015-06-04 00:00:00
centos
centos
python, tkinter security update
2013-11-26 13:32:42
python, tkinter security update
2015-07-26 14:11:19
exploitdb
exploitdb
Python - &#039;socket.recvfrom_into()&#039; Remote Buffer Overflow
2014-02-24 00:00:00
mageia
mageia
Updated python & python3 packages fix multiple vulnerabilities
2014-02-20 01:24:08
Updated python3, bzr and some python packages fix security vulnerabilties
2013-08-22 21:58:14
Updated python packages fix CVE-2013-4328 and pip
2013-08-17 12:43:24
f5
f5
K93278412 : Python and Jython vulnerabilities CVE-2014-1912 and CVE-2014-4650
2017-07-21 00:00:00
SOL15638 - Python vulnerability CVE-2013-4238
2014-09-29 00:00:00
K15638 : Python vulnerability CVE-2013-4238
2014-10-17 00:00:00
veracode
veracode
Man-in-the-Middle (MitM)
2019-01-15 08:51:35
Improper Input Validation
2019-05-02 05:39:24
Sensitive Information Leakage
2019-05-02 05:39:25
debian
debian
[DLA 25-1] python2.6 security update
2014-07-31 21:07:32
ibm
ibm
Security Bulletin: Python vulnerabilities affect IBM SmartCloud Entry (CVE-2013-1752 CVE-2014-1912 CVE-2014-4650 CVE-2014-7185)
2020-07-19 00:49:12
Security Bulletin: Multiple Vulnerabilities in python 2.6.4 used in OS Image for AIX shipped with IBM Cloud Pak System
2020-05-06 11:57:04
Security Bulletin: Docker and Python as used in IBM QRadar SIEM is vulnerable to various CVEs.
2018-06-16 22:01:04
gentoo
gentoo
Python: Multiple vulnerabilities
2015-03-18 00:00:00
vmware
vmware
VMware vSphere product updates address security vulnerabilities
2014-12-04 00:00:00
VMware vSphere product updates address security vulnerabilities
2014-12-04 00:00:00
suse
suse
Security update for python3 (important)
2020-01-21 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1957
2021-07-02 18:03:40
oracle
oracle
Oracle Critical Patch Update Advisory - July 2017
2018-03-20 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.53 Medium

EPSS

Percentile

97.6%

JSON
Related for DEBIAN:DSA-2880-1:28B7E
osv4openvas62nessus56seebug3exploitpack1zdt1fedora12securityvulns6debiancve2ubuntu5cve3amazon4freebsd1prion3ubuntucve2oraclelinux3redhat4centos2exploitdb1mageia3f53veracode6debian1ibm4gentoo1vmware2suse1rosalinux1oracle1