ID CENTOS_RHSA-2016-2586.NASL Type nessus Reporter Tenable Modified 2016-11-28T00:00:00
Description
An update for python is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es) :
A vulnerability was discovered in Python, in the built-in zipimporter. A specially crafted zip file placed in a module path such that it would be loaded by a later 'import' statement could cause a heap overflow, leading to arbitrary code execution. (CVE-2016-5636)
Additional Changes :
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2016:2586 and
# CentOS Errata and Security Advisory 2016:2586 respectively.
#
include("compat.inc");
if (description)
{
script_id(95332);
script_version("$Revision: 3.1 $");
script_cvs_date("$Date: 2016/11/28 15:05:43 $");
script_cve_id("CVE-2016-5636");
script_osvdb_id(140125);
script_xref(name:"RHSA", value:"2016:2586");
script_name(english:"CentOS 7 : python (CESA-2016:2586)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote CentOS host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"An update for python is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security
impact of Low. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.
Python is an interpreted, interactive, object-oriented programming
language, which includes modules, classes, exceptions, very high level
dynamic data types and dynamic typing. Python supports interfaces to
many system calls and libraries, as well as to various windowing
systems.
Security Fix(es) :
* A vulnerability was discovered in Python, in the built-in
zipimporter. A specially crafted zip file placed in a module path such
that it would be loaded by a later 'import' statement could cause a
heap overflow, leading to arbitrary code execution. (CVE-2016-5636)
Additional Changes :
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.3 Release Notes linked from the References section."
);
# http://lists.centos.org/pipermail/centos-cr-announce/2016-November/003444.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?6cbce9ce"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected python packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-test");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:tkinter");
script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7");
script_set_attribute(attribute:"patch_publication_date", value:"2016/11/25");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/11/28");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2016 Tenable Network Security, Inc.");
script_family(english:"CentOS Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/CentOS/release")) audit(AUDIT_OS_NOT, "CentOS");
if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
flag = 0;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"python-2.7.5-48.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"python-debug-2.7.5-48.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"python-devel-2.7.5-48.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"python-libs-2.7.5-48.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"python-test-2.7.5-48.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"python-tools-2.7.5-48.el7")) flag++;
if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"tkinter-2.7.5-48.el7")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"type": "nessus", "published": "2016-11-28T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=95332", "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "d86683f3eeccbf44e2ab34f88d992b1c"}, {"key": "cvelist", "hash": "44f88fe1b50430a1cbe7a74903c281c2"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "description", "hash": "65394783071bddd5b79bc60b7c1ecd6c"}, {"key": "href", "hash": "292d45b89536815ec9ef305e2e7f3c7b"}, {"key": "modified", "hash": "5b6e285ed6333e664cb3599907b7f5b6"}, {"key": "naslFamily", "hash": "8f8213e8b86855939d5beea715ce3045"}, {"key": "pluginID", "hash": "717ed6f1e7caa3e5b388a0b592cc729b"}, {"key": "published", "hash": "5b6e285ed6333e664cb3599907b7f5b6"}, {"key": "references", "hash": "443dc22bcfc36b7042d3677e0af49006"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "2ec649d39fe1ffbafe5f21b638b2223d"}, {"key": "title", "hash": "0b968571bc3c04cc16405181220b3691"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "bulletinFamily": "scanner", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/", "score": 10.0}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:2586 and \n# CentOS Errata and Security Advisory 2016:2586 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95332);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2016/11/28 15:05:43 $\");\n\n script_cve_id(\"CVE-2016-5636\");\n script_osvdb_id(140125);\n script_xref(name:\"RHSA\", value:\"2016:2586\");\n\n script_name(english:\"CentOS 7 : python (CESA-2016:2586)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for python is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Low. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage, which includes modules, classes, exceptions, very high level\ndynamic data types and dynamic typing. Python supports interfaces to\nmany system calls and libraries, as well as to various windowing\nsystems.\n\nSecurity Fix(es) :\n\n* A vulnerability was discovered in Python, in the built-in\nzipimporter. A specially crafted zip file placed in a module path such\nthat it would be loaded by a later 'import' statement could cause a\nheap overflow, leading to arbitrary code execution. (CVE-2016-5636)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.3 Release Notes linked from the References section.\"\n );\n # http://lists.centos.org/pipermail/centos-cr-announce/2016-November/003444.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6cbce9ce\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-2.7.5-48.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-debug-2.7.5-48.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-devel-2.7.5-48.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-libs-2.7.5-48.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-test-2.7.5-48.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-tools-2.7.5-48.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"tkinter-2.7.5-48.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "viewCount": 23, "history": [{"lastseen": "2016-11-28T21:32:55", "edition": 1, "bulletin": {"type": "nessus", "published": "2016-11-28T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=95332", "hashmap": [{"key": "cvelist", "hash": "44f88fe1b50430a1cbe7a74903c281c2"}, {"key": "published", "hash": "5b6e285ed6333e664cb3599907b7f5b6"}, {"key": "href", "hash": "292d45b89536815ec9ef305e2e7f3c7b"}, {"key": "pluginID", "hash": "717ed6f1e7caa3e5b388a0b592cc729b"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "title", "hash": "0b968571bc3c04cc16405181220b3691"}, {"key": "sourceData", "hash": "2ec649d39fe1ffbafe5f21b638b2223d"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "naslFamily", "hash": "8f8213e8b86855939d5beea715ce3045"}, {"key": "references", "hash": "443dc22bcfc36b7042d3677e0af49006"}, {"key": "modified", "hash": "5b6e285ed6333e664cb3599907b7f5b6"}, {"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}, {"key": "description", "hash": "65394783071bddd5b79bc60b7c1ecd6c"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}], "bulletinFamily": "scanner", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/", "score": 10.0}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2016:2586 and \n# CentOS Errata and Security Advisory 2016:2586 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95332);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2016/11/28 15:05:43 $\");\n\n script_cve_id(\"CVE-2016-5636\");\n script_osvdb_id(140125);\n script_xref(name:\"RHSA\", value:\"2016:2586\");\n\n script_name(english:\"CentOS 7 : python (CESA-2016:2586)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for python is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Low. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage, which includes modules, classes, exceptions, very high level\ndynamic data types and dynamic typing. Python supports interfaces to\nmany system calls and libraries, as well as to various windowing\nsystems.\n\nSecurity Fix(es) :\n\n* A vulnerability was discovered in Python, in the built-in\nzipimporter. A specially crafted zip file placed in a module path such\nthat it would be loaded by a later 'import' statement could cause a\nheap overflow, leading to arbitrary code execution. (CVE-2016-5636)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.3 Release Notes linked from the References section.\"\n );\n # http://lists.centos.org/pipermail/centos-cr-announce/2016-November/003444.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6cbce9ce\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016 Tenable Network Security, Inc.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-2.7.5-48.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-debug-2.7.5-48.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-devel-2.7.5-48.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-libs-2.7.5-48.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-test-2.7.5-48.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-tools-2.7.5-48.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"tkinter-2.7.5-48.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "viewCount": 14, "pluginID": "95332", "edition": 1, "objectVersion": "1.2", "reporter": "Tenable", "title": "CentOS 7 : python (CESA-2016:2586)", "lastseen": "2016-11-28T21:32:55", "enchantments": {}, "references": ["http://www.nessus.org/u?6cbce9ce"], "cvelist": ["CVE-2016-5636"], "naslFamily": "CentOS Local Security Checks", "hash": "f7529d5136e41837304551f70fb5fdb07f72def0f0f04e84543f58c65326951b", "history": [], "cpe": [], "id": "CENTOS_RHSA-2016-2586.NASL", "modified": "2016-11-28T00:00:00", "description": "An update for python is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPython is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es) :\n\n* A vulnerability was discovered in Python, in the built-in zipimporter. A specially crafted zip file placed in a module path such that it would be loaded by a later 'import' statement could cause a heap overflow, leading to arbitrary code execution. (CVE-2016-5636)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section."}, "differentElements": ["cpe"]}], "edition": 2, "objectVersion": "1.3", "cpe": ["p-cpe:/a:centos:centos:tkinter", "p-cpe:/a:centos:centos:python-devel", "p-cpe:/a:centos:centos:python", "p-cpe:/a:centos:centos:python-debug", "cpe:/o:centos:centos:7", "p-cpe:/a:centos:centos:python-test", "p-cpe:/a:centos:centos:python-libs", "p-cpe:/a:centos:centos:python-tools"], "reporter": "Tenable", "title": "CentOS 7 : python (CESA-2016:2586)", "enchantments": {"vulnersScore": 6.8}, "references": ["http://www.nessus.org/u?6cbce9ce"], "id": "CENTOS_RHSA-2016-2586.NASL", "naslFamily": "CentOS Local Security Checks", "hash": "f2ba1787e87ab79d9299d42e74cfe167fc9bcfe27bb176466d0adf057074bc4e", "pluginID": "95332", "lastseen": "2017-10-29T13:33:54", "cvelist": ["CVE-2016-5636"], "modified": "2016-11-28T00:00:00", "description": "An update for python is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPython is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es) :\n\n* A vulnerability was discovered in Python, in the built-in zipimporter. A specially crafted zip file placed in a module path such that it would be loaded by a later 'import' statement could cause a heap overflow, leading to arbitrary code execution. (CVE-2016-5636)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section."}
{"result": {"cve": [{"id": "CVE-2016-5636", "type": "cve", "title": "CVE-2016-5636", "description": "Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow.", "published": "2016-09-02T10:59:06", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5636", "cvelist": ["CVE-2016-5636"], "lastseen": "2018-01-05T11:52:18"}], "nessus": [{"id": "FREEBSD_PKG_1D0F685233D811E6A67160A44CE6887B.NASL", "type": "nessus", "title": "FreeBSD : Python -- Integer overflow in zipimport module (1d0f6852-33d8-11e6-a671-60a44ce6887b)", "description": "Python reports :\n\nPossible integer overflow and heap corruption in zipimporter.get_data()", "published": "2016-06-20T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=91699", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-10-29T13:36:39"}, {"id": "FEDORA_2016-32E5A8C3A8.NASL", "type": "nessus", "title": "Fedora 23 : python3 (2016-32e5a8c3a8)", "description": "Added patch for fixing possible integer overflow and heap corruption in zipimporter.get_data()\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2016-07-14T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=92076", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-10-29T13:42:40"}, {"id": "REDHAT-RHSA-2016-2586.NASL", "type": "nessus", "title": "RHEL 7 : python (RHSA-2016:2586)", "description": "An update for python is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nPython is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es) :\n\n* A vulnerability was discovered in Python, in the built-in zipimporter. A specially crafted zip file placed in a module path such that it would be loaded by a later 'import' statement could cause a heap overflow, leading to arbitrary code execution. (CVE-2016-5636)\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.", "published": "2016-11-04T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=94549", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-10-29T13:41:17"}, {"id": "FEDORA_2016-9932F852C7.NASL", "type": "nessus", "title": "Fedora 24 : python (2016-9932f852c7)", "description": "CVE-2016-5636\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2016-07-15T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=92271", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-10-29T13:39:33"}, {"id": "FEDORA_2016-EFF21665E7.NASL", "type": "nessus", "title": "Fedora 23 : python (2016-eff21665e7)", "description": "CVE-2016-5636\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2016-07-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=92336", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-10-29T13:33:34"}, {"id": "FEDORA_2016-D3A529AAD6.NASL", "type": "nessus", "title": "Fedora 23 : python (2016-d3a529aad6)", "description": "Added patch for fixing possible integer overflow and heap corruption in zipimporter.get_data()\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2016-07-14T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=92173", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-10-29T13:37:33"}, {"id": "EULEROS_SA-2017-1003.NASL", "type": "nessus", "title": "EulerOS 2.0 SP1 : python (EulerOS-SA-2017-1003)", "description": "According to the version of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - A vulnerability was discovered in Python, in the built-in zipimporter. A specially crafted zip file placed in a module path such that it would be loaded by a later 'import' statement could cause a heap overflow, leading to arbitrary code execution. (CVE-2016-5636)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2017-05-01T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=99850", "cvelist": ["CVE-2016-5636"], "lastseen": "2018-06-14T07:13:18"}, {"id": "SL_20161103_PYTHON_ON_SL7_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : python on SL7.x x86_64", "description": "Security Fix(es) :\n\n - A vulnerability was discovered in Python, in the built-in zipimporter. A specially crafted zip file placed in a module path such that it would be loaded by a later 'import' statement could cause a heap overflow, leading to arbitrary code execution. (CVE-2016-5636)\n\nAdditional Changes :", "published": "2016-12-15T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=95857", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-10-29T13:42:43"}, {"id": "FEDORA_2016-22EAB18150.NASL", "type": "nessus", "title": "Fedora 24 : python3 (2016-22eab18150)", "description": "Added patch for fixing possible integer overflow and heap corruption in zipimporter.get_data()\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2016-07-14T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=92066", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-10-29T13:37:07"}, {"id": "FEDORA_2016-D5917E939E.NASL", "type": "nessus", "title": "Fedora 24 : python (2016-d5917e939e)", "description": "Added patch for fixing possible integer overflow and heap corruption in zipimporter.get_data()\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2016-07-14T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=92175", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-10-29T13:41:45"}], "redhat": [{"id": "RHSA-2016:2586", "type": "redhat", "title": "(RHSA-2016:2586) Low: python security, bug fix, and enhancement update", "description": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* A vulnerability was discovered in Python, in the built-in zipimporter. A specially crafted zip file placed in a module path such that it would be loaded by a later \"import\" statement could cause a heap overflow, leading to arbitrary code execution. (CVE-2016-5636)\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.", "published": "2016-11-03T10:07:15", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2016:2586", "cvelist": ["CVE-2016-5636"], "lastseen": "2018-04-15T16:21:42"}], "openvas": [{"id": "OPENVAS:1361412562310808966", "type": "openvas", "title": "Fedora Update for python3 FEDORA-2016-e63a732c9d", "description": "Check the version of python3", "published": "2016-08-02T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808966", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-07-25T10:54:01"}, {"id": "OPENVAS:1361412562310808453", "type": "openvas", "title": "Fedora Update for python FEDORA-2016-d5917e939e", "description": "Check the version of python", "published": "2016-06-19T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808453", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-07-25T10:54:40"}, {"id": "OPENVAS:1361412562310808717", "type": "openvas", "title": "Fedora Update for python3 FEDORA-2016-308f78b2f4", "description": "Check the version of python3", "published": "2016-08-02T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808717", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-07-25T10:54:33"}, {"id": "OPENVAS:1361412562310808715", "type": "openvas", "title": "Fedora Update for python FEDORA-2016-eff21665e7", "description": "Check the version of python", "published": "2016-08-02T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808715", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-07-25T10:55:02"}, {"id": "OPENVAS:1361412562310808437", "type": "openvas", "title": "Fedora Update for python FEDORA-2016-d3a529aad6", "description": "Check the version of python", "published": "2016-06-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808437", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-07-25T10:54:03"}, {"id": "OPENVAS:1361412562310808452", "type": "openvas", "title": "Fedora Update for python3 FEDORA-2016-22eab18150", "description": "Check the version of python3", "published": "2016-06-19T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808452", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-07-25T10:54:17"}, {"id": "OPENVAS:1361412562310871711", "type": "openvas", "title": "RedHat Update for python RHSA-2016:2586-02", "description": "Check the version of python", "published": "2016-11-04T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871711", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-07-27T10:54:27"}, {"id": "OPENVAS:1361412562310808441", "type": "openvas", "title": "Fedora Update for python3 FEDORA-2016-32e5a8c3a8", "description": "Check the version of python3", "published": "2016-06-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808441", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-07-25T10:54:03"}, {"id": "OPENVAS:1361412562310808903", "type": "openvas", "title": "Fedora Update for python FEDORA-2016-9932f852c7", "description": "Check the version of python", "published": "2016-08-02T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808903", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-07-25T10:54:33"}, {"id": "OPENVAS:1361412562310809216", "type": "openvas", "title": "Cpython Man in Middle Attack and Code Execution Vulnerabilities (Windows)", "description": "This host is running Cpython and is\n prone to man in middle attack and arbitrary code execution Vulnerabilities.", "published": "2016-09-12T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809216", "cvelist": ["CVE-2016-0772", "CVE-2016-5636"], "lastseen": "2017-10-25T14:42:02"}], "centos": [{"id": "CESA-2016:2586", "type": "centos", "title": "python, tkinter security update", "description": "**CentOS Errata and Security Advisory** CESA-2016:2586\n\n\nPython is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* A vulnerability was discovered in Python, in the built-in zipimporter. A specially crafted zip file placed in a module path such that it would be loaded by a later \"import\" statement could cause a heap overflow, leading to arbitrary code execution. (CVE-2016-5636)\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2016-November/003444.html\n\n**Affected packages:**\npython\npython-debug\npython-devel\npython-libs\npython-test\npython-tools\ntkinter\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-2586.html", "published": "2016-11-25T15:43:04", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-cr-announce/2016-November/003444.html", "cvelist": ["CVE-2016-5636"], "lastseen": "2017-10-03T18:26:41"}], "freebsd": [{"id": "1D0F6852-33D8-11E6-A671-60A44CE6887B", "type": "freebsd", "title": "Python -- Integer overflow in zipimport module", "description": "\nPython reports:\n\nPossible integer overflow and heap corruption in\n zipimporter.get_data()\n\n", "published": "2016-01-21T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vuxml.freebsd.org/freebsd/1d0f6852-33d8-11e6-a671-60a44ce6887b.html", "cvelist": ["CVE-2016-5636"], "lastseen": "2016-09-26T17:24:04"}], "gentoo": [{"id": "GLSA-201701-18", "type": "gentoo", "title": "Python: Multiple vulnerabilities", "description": "### Background\n\nPython is an interpreted, interactive, object-oriented programming language. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted index file using Python\u2019s dumbdbm module, possibly resulting in execution of arbitrary code with the privileges of the process. \n\nA remote attacker could entice a user to process a specially crafted input stream using Python\u2019s zipimporter module, possibly allowing attackers to cause unspecified impact. \n\nA man in the middle attacker could strip out the STARTTLS command without generating an exception on the Python SMTP client application, preventing the establishment of the TLS layer. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Python 2 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/python-2.7.12:2.7\"\n \n\nAll Python 3 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/python-3.4.5:3.4\"", "published": "2017-01-10T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/201701-18", "cvelist": ["CVE-2016-0772", "CVE-2016-5636"], "lastseen": "2017-01-10T14:18:03"}], "kaspersky": [{"id": "KLA10866", "type": "kaspersky", "title": "\r KLA10866Multiple vulnerabilities in Python\t\t\t ", "description": "### *CVSS*:\n10.0\n\n### *Detect date*:\n02/09/2016\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in CPython (Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2. Malicious users can exploit these vulnerabilities to bypass the TLS protections, inject arbitrary HTTP headers or have unspecified impact.\n\n### *Affected products*:\nCPython 2.x before 2.7.12; \nCPython 3.x before 3.4.5; \nCPython 3.5.x before 3.5.2.\n\n### *Solution*:\nUpdate to the latest version \n[Patch to disable http header injection](<http://bugs.python.org/file37264/disable_http_header_injection.patch>) \n[Patch to StartTLS stripping attack (for branch 3.4)](<https://hg.python.org/cpython/rev/d590114c2394>) \n[Patch to StartTLS stripping attack (for branch 2.7)](<https://hg.python.org/cpython/rev/b3ce713fb9be>)\n\n### *Impacts*:\nCI \n\n### *Related products*:\n[Python](<https://threats.kaspersky.com/en/product/Python/>)\n\n### *CVE-IDS*:\n[CVE-2016-0772](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0772>) \n[CVE-2016-5636](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5636>) \n[CVE-2016-5699](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5699>)", "published": "2016-02-09T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10866", "cvelist": ["CVE-2016-0772", "CVE-2016-5636", "CVE-2016-5699"], "lastseen": "2018-03-30T14:11:19"}], "amazon": [{"id": "ALAS-2016-724", "type": "amazon", "title": "Medium: python26,python27,python34", "description": "**Issue Overview:**\n\nIt was found that Python's httplib library (used urllib, urllib2 and others) did not properly check HTTP header input in HTTPConnection.putheader(). An attacker could use this flow to inject additional headers in a Python application that allows user provided header name or values. ([CVE-2016-5699 __](<https://access.redhat.com/security/cve/CVE-2016-5699>))\n\nIt was found that Python's smtplib library did not return an exception if StartTLS fails to establish correctly in the SMTP.starttls() function. An attacker with ability to launch an active man in the middle attack could strip out the STARTTLS command without generating an exception on the python SMTP client application, preventing the establishment of the TLS layer. ([CVE-2016-0772 __](<https://access.redhat.com/security/cve/CVE-2016-0772>))\n\nA vulnerability was discovered in Python, in the built-in zipimporter. A specially crafted zip file placed in a module path such that it would be loaded by a later \"import\" statement could cause a heap overflow, leading to arbitrary code execution. ([CVE-2016-5636 __](<https://access.redhat.com/security/cve/CVE-2016-5636>)) \n\n\n \n**Affected Packages:** \n\n\npython26,python27,python34\n\n \n**Issue Correction:** \nRun _yum update python26_ to update your system. \nRun _yum update python27_ to update your system. \nRun _yum update python34_ to update your system. \n\n\n \n**New Packages:**\n \n \n i686: \n python26-libs-2.6.9-2.86.amzn1.i686 \n python26-tools-2.6.9-2.86.amzn1.i686 \n python26-test-2.6.9-2.86.amzn1.i686 \n python26-2.6.9-2.86.amzn1.i686 \n python26-debuginfo-2.6.9-2.86.amzn1.i686 \n python26-devel-2.6.9-2.86.amzn1.i686 \n python27-devel-2.7.10-4.122.amzn1.i686 \n python27-test-2.7.10-4.122.amzn1.i686 \n python27-tools-2.7.10-4.122.amzn1.i686 \n python27-debuginfo-2.7.10-4.122.amzn1.i686 \n python27-2.7.10-4.122.amzn1.i686 \n python27-libs-2.7.10-4.122.amzn1.i686 \n python34-tools-3.4.3-1.32.amzn1.i686 \n python34-test-3.4.3-1.32.amzn1.i686 \n python34-3.4.3-1.32.amzn1.i686 \n python34-devel-3.4.3-1.32.amzn1.i686 \n python34-debuginfo-3.4.3-1.32.amzn1.i686 \n python34-libs-3.4.3-1.32.amzn1.i686 \n \n src: \n python26-2.6.9-2.86.amzn1.src \n python27-2.7.10-4.122.amzn1.src \n python34-3.4.3-1.32.amzn1.src \n \n x86_64: \n python26-libs-2.6.9-2.86.amzn1.x86_64 \n python26-tools-2.6.9-2.86.amzn1.x86_64 \n python26-test-2.6.9-2.86.amzn1.x86_64 \n python26-devel-2.6.9-2.86.amzn1.x86_64 \n python26-2.6.9-2.86.amzn1.x86_64 \n python26-debuginfo-2.6.9-2.86.amzn1.x86_64 \n python27-devel-2.7.10-4.122.amzn1.x86_64 \n python27-test-2.7.10-4.122.amzn1.x86_64 \n python27-tools-2.7.10-4.122.amzn1.x86_64 \n python27-2.7.10-4.122.amzn1.x86_64 \n python27-debuginfo-2.7.10-4.122.amzn1.x86_64 \n python27-libs-2.7.10-4.122.amzn1.x86_64 \n python34-3.4.3-1.32.amzn1.x86_64 \n python34-debuginfo-3.4.3-1.32.amzn1.x86_64 \n python34-devel-3.4.3-1.32.amzn1.x86_64 \n python34-tools-3.4.3-1.32.amzn1.x86_64 \n python34-test-3.4.3-1.32.amzn1.x86_64 \n python34-libs-3.4.3-1.32.amzn1.x86_64 \n \n \n", "published": "2016-07-20T18:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://alas.aws.amazon.com/ALAS-2016-724.html", "cvelist": ["CVE-2016-0772", "CVE-2016-5636", "CVE-2016-5699"], "lastseen": "2016-09-28T21:04:11"}], "cloudfoundry": [{"id": "CFOUNDRY:596815DF0937570BB2850A53D4DFA6B2", "type": "cloudfoundry", "title": "USN-3134-1: Python vulnerabilities - Cloud Foundry", "description": "USN-3134-1: Python vulnerabilities\n\n# \n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04 LTS \n\n# Description\n\nIt was discovered that the smtplib library in Python did not return an error when StartTLS fails. A remote attacker could possibly use this to expose sensitive information. ([CVE-2016-0772](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-0772>))\n\nR\u00e9mi Rampin discovered that Python would not protect CGI applications from contents of the HTTP_PROXY environment variable when based on the contents of the Proxy header from HTTP requests. A remote attacker could possibly use this to cause a CGI application to redirect outgoing HTTP requests. ([CVE-2016-1000110](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-1000110>))\n\nInsu Yun discovered an integer overflow in the zipimporter module in Python that could lead to a heap-based overflow. An attacker could use this to craft a special zip file that when read by Python could possibly execute arbitrary code. ([CVE-2016-5636](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-5636>))\n\nGuido Vranken discovered that the urllib modules in Python did not properly handle carriage return line feed (CRLF) in headers. A remote attacker could use this to craft URLs that inject arbitrary HTTP headers. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. ([CVE-2016-5699](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-5699>))\n\n# Affected Products and Versions\n\n_Severity is medium unless otherwise noted. \n_\n\n * Cloud Foundry BOSH stemcells are vulnerable, including: \n * All versions prior to 3151.5 \n * 3233.x versions prior to 3233.6 \n * 3263.x versions prior to 3263.12 \n * 3312.x versions prior to 3312.7 \n * All other versions \n * All versions of Cloud Foundry cflinuxfs2 prior to v.1.92.0 \n * Python Buildpack versions prior to v1.5.8 \n\n# Mitigation\n\nUsers of affected versions should apply the following mitigation:\n\n * The Cloud Foundry team recommends upgrading to the following BOSH stemcells: \n * Upgrade all lower versions of 3151.x to version 3151.5 \n * Upgrade all lower versions of 3233.x to version 3233.6 \n * Upgrade all lower versions of 3263.x to version 3263.12 \n * Upgrade all lower versions of 3312.x to version 3312.7 \n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 v.1.92.0 or later versions \n * For existing deployments, upgrade the Python Buildpack to v1.5.8 or later and restage all applications that use automated buildpack detection. \n\n# Credit\n\nR\u00e9mi Rampin, Insu Yun, Guido Vranken\n\n# References\n\n * <https://www.ubuntu.com/usn/usn-3134-1>\n * <http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-0772>\n * <http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-1000110>\n * <http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-5636>\n * <http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-5699>\n * <https://github.com/cloudfoundry/python-buildpack/releases>\n", "published": "2016-12-14T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.cloudfoundry.org/blog/usn-3134-1/", "cvelist": ["CVE-2016-0772", "CVE-2016-5636", "CVE-2016-1000110", "CVE-2016-5699"], "lastseen": "2018-01-12T14:53:02"}], "oraclelinux": [{"id": "ELSA-2016-2586", "type": "oraclelinux", "title": "python security, bug fix, and enhancement update", "description": "[2.7.5-48.0.1]\n- Add Oracle Linux distribution in platform.py [orabug 20812544]\n[2.7.5-48]\n- Fix for CVE-2016-1000110 HTTPoxy attack\nResolves: rhbz#1359164\n[2.7.5-47]\n- Fix for CVE-2016-5636: possible integer overflow and heap corruption in zipimporter.get_data()\nResolves: rhbz#1356364\n[2.7.5-46]\n- Drop patch 221 that backported sslwrap function since it was introducing regressions\n- Refactor patch 227\nResolves: rhbz#1331425\n[2.7.5-45]\n- Fix for CVE-2016-0772 python: smtplib StartTLS stripping attack (rhbz#1303647)\n Raise an error when STARTTLS fails (upstream patch)\n- Fix for CVE-2016-5699 python: http protocol steam injection attack (rhbz#1303699)\n Disabled HTTP header injections in httplib (upstream patch)\nResolves: rhbz#1346357\n[2.7.5-44]\n- Fix iteration over files with very long lines\nResolves: rhbz#1271760\n[2.7.5-43]\n- Move python.conf from /etc/tmpfiles.d/ to /usr/lib/tmpfiles.d/\nResolves: rhbz#1288426\n[2.7.5-42]\n- JSON decoder lone surrogates fix\nResolves: rhbz#1301017\n[2.7.5-41]\n- Updated PEP493 implementation\nResolves: rhbz#1315758\n[2.7.5-40]\n- Backport of Computed Goto dispatch\nResolves: rhbz#1289277", "published": "2016-11-09T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2016-2586.html", "cvelist": ["CVE-2016-0772", "CVE-2016-5636", "CVE-2016-1000110", "CVE-2016-5699"], "lastseen": "2016-11-09T21:24:05"}, {"id": "ELSA-2017-1868", "type": "oraclelinux", "title": "python security and bug fix update", "description": "[2.7.5-58.0.1]\n- Add Oracle Linux distribution in platform.py [orabug 20812544]\n[2.7.5-58]\n- Set stream to None in case an _open() fails.\nResolves: rhbz#1432003\n[2.7.5-57]\n- Fix implicit declaration warnings of functions added by patches 147 and 265\nResolves: rhbz#1441237\n[2.7.5-56]\n- Fix shutil.make_archive ignoring empty directories when creating zip files\nResolves: rhbz#1439734\n[2.7.5-55]\n- Update Python RPM macros with new ones from EPEL7 to simplify packaging\nResolves: rhbz#1297522\n[2.7.5-54]\n- Protect key list during fork()\nResolves: rhbz#1268226\n[2.7.5-53]\n- Fix _ssl.c reference leaks\nResolves: rhbz#1272562\n[2.7.5-52]\n- Workaround Python's threading library issue with non returning wait, for signals with timeout\nResolves: rhbz#1368076\n[2.7.5-51]\n- Enable certificate verification by default\nResolves: rhbz#1219110\n[2.7.5-50]\n- Fix incorrect parsing of certain regular expressions\nResolves: rhbz#1373363\n[2.7.5-49]\n- Fix ssl module's parsing of GEN_RID subject alternative name fields in X.509 certs\nResolves: rhbz#1364444\n[2.7.5-48]\n- Fix for CVE-2016-1000110 HTTPoxy attack\nResolves: rhbz#1359164\n[2.7.5-47]\n- Fix for CVE-2016-5636: possible integer overflow and heap corruption in zipimporter.get_data()\nResolves: rhbz#1356364\n[2.7.5-46]\n- Drop patch 221 that backported sslwrap function since it was introducing regressions\n- Refactor patch 227\nResolves: rhbz#1331425\n[2.7.5-45]\n- Fix for CVE-2016-0772 python: smtplib StartTLS stripping attack (rhbz#1303647)\n Raise an error when STARTTLS fails (upstream patch)\n- Fix for CVE-2016-5699 python: http protocol steam injection attack (rhbz#1303699)\n Disabled HTTP header injections in httplib (upstream patch)\nResolves: rhbz#1346357\n[2.7.5-44]\n- Fix iteration over files with very long lines\nResolves: rhbz#1271760\n[2.7.5-43]\n- Move python.conf from /etc/tmpfiles.d/ to /usr/lib/tmpfiles.d/\nResolves: rhbz#1288426\n[2.7.5-42]\n- JSON decoder lone surrogates fix\nResolves: rhbz#1301017\n[2.7.5-41]\n- Updated PEP493 implementation\nResolves: rhbz#1315758\n[2.7.5-40]\n- Backport of Computed Goto dispatch\nResolves: rhbz#1289277", "published": "2017-08-07T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2017-1868.html", "cvelist": ["CVE-2016-0772", "CVE-2016-5636", "CVE-2016-1000110", "CVE-2016-5699", "CVE-2014-9365"], "lastseen": "2017-08-08T04:20:12"}], "ubuntu": [{"id": "USN-3134-1", "type": "ubuntu", "title": "Python vulnerabilities", "description": "It was discovered that the smtplib library in Python did not return an error when StartTLS fails. A remote attacker could possibly use this to expose sensitive information. (CVE-2016-0772)\n\nR\u00e9mi Rampin discovered that Python would not protect CGI applications from contents of the HTTP_PROXY environment variable when based on the contents of the Proxy header from HTTP requests. A remote attacker could possibly use this to cause a CGI application to redirect outgoing HTTP requests. (CVE-2016-1000110)\n\nInsu Yun discovered an integer overflow in the zipimporter module in Python that could lead to a heap-based overflow. An attacker could use this to craft a special zip file that when read by Python could possibly execute arbitrary code. (CVE-2016-5636)\n\nGuido Vranken discovered that the urllib modules in Python did not properly handle carriage return line feed (CRLF) in headers. A remote attacker could use this to craft URLs that inject arbitrary HTTP headers. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5699)", "published": "2016-11-22T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/3134-1/", "cvelist": ["CVE-2016-0772", "CVE-2016-5636", "CVE-2016-1000110", "CVE-2016-5699"], "lastseen": "2018-03-29T18:20:19"}]}}
