Search...

Mandriva Linux Security Advisory : python (MDVSA-2014:041)

2014-02-20T00:00:00

ID MANDRIVA_MDVSA-2014-041.NASL
Type nessus
Reporter Tenable
Modified 2018-06-29T00:00:00

Description

A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code (CVE-2014-1912).

The updated packages have been patched to correct this issue.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Mandriva Linux Security Advisory MDVSA-2014:041. 
# The text itself is copyright (C) Mandriva S.A.
#

include("compat.inc");

if (description)
{
  script_id(72594);
  script_version("1.8");
  script_cvs_date("Date: 2018/06/29 12:01:01");

  script_cve_id("CVE-2014-1912");
  script_bugtraq_id(65379);
  script_xref(name:"MDVSA", value:"2014:041");

  script_name(english:"Mandriva Linux Security Advisory : python (MDVSA-2014:041)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Mandriva Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A vulnerability was reported in Python's socket module, due to a
boundary error within the sock_recvfrom_into() function, which could
be exploited to cause a buffer overflow. This could be used to crash a
Python application that uses the socket.recvfrom_info() function or,
possibly, execute arbitrary code with the permissions of the user
running vulnerable Python code (CVE-2014-1912).

The updated packages have been patched to correct this issue."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://bugs.python.org/issue20246"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1062370"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64python-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64python2.7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:python-docs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tkinter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tkinter-apps");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/02/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/02/20");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");
  script_family(english:"Mandriva Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);


flag = 0;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64python-devel-2.7.3-4.5.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64python2.7-2.7.3-4.5.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"python-2.7.3-4.5.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", reference:"python-docs-2.7.3-4.5.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"tkinter-2.7.3-4.5.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"tkinter-apps-2.7.3-4.5.mbs1")) flag++;


if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

JSON Vulners Source

Initial Source

{"id": "MANDRIVA_MDVSA-2014-041.NASL", "bulletinFamily": "scanner", "title": "Mandriva Linux Security Advisory : python (MDVSA-2014:041)", "description": "A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.", "published": "2014-02-20T00:00:00", "modified": "2018-06-29T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=72594", "reporter": "Tenable", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1062370", "http://bugs.python.org/issue20246"], "cvelist": ["CVE-2014-1912"], "type": "nessus", "lastseen": "2018-07-01T13:48:47", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2014-1912"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.", "edition": 1, "enchantments": {}, "hash": "9b92f09c9b613c1012463eedc54429c9bb8e73c5ce022dabc2c4aba3568b9f2c", "hashmap": [{"hash": "30f8a3cd16450f4fae9f6381156dd10d", "key": "modified"}, {"hash": "56a8969e704734c58918deb27219f300", "key": "pluginID"}, {"hash": "7f51b83a884bbf3dc9746fe5866c6354", "key": "description"}, {"hash": "cfc852798ae03ee34148d1cfcbb9e999", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "fa06f43e1ac45d37cab66d87ad17926e", "key": "href"}, {"hash": "c82db22f1c4a41616b1bb468d9808190", "key": "references"}, {"hash": "a54ba23cac1969a5a4c4fc2ae60ee5cb", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d65569ff0d86eb6e9bc945e604df846a", "key": "cvelist"}, {"hash": "526837706681051344a466f9e51ac982", "key": "naslFamily"}, {"hash": "3b32f4a483a694cfe34cf4b7c7caf1b2", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=72594", "id": "MANDRIVA_MDVSA-2014-041.NASL", "lastseen": "2016-09-26T17:24:13", "modified": "2016-05-20T00:00:00", "naslFamily": "Mandriva Local Security Checks", "objectVersion": "1.2", "pluginID": "72594", "published": "2014-02-20T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1062370", "http://bugs.python.org/issue20246"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:041. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72594);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2016/05/20 14:12:06 $\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n script_xref(name:\"MDVSA\", value:\"2014:041\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2014:041)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was reported in Python's socket module, due to a\nboundary error within the sock_recvfrom_into() function, which could\nbe exploited to cause a buffer overflow. This could be used to crash a\nPython application that uses the socket.recvfrom_info() function or,\npossibly, execute arbitrary code with the permissions of the user\nrunning vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.python.org/issue20246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1062370\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.5.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Mandriva Linux Security Advisory : python (MDVSA-2014:041)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:24:13"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:lib64python2.7", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:lib64python-devel"], "cvelist": ["CVE-2014-1912"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "6fd60d0452687f04fb5308281dd4dd84b9c9fdd573faa255814c6f297294c75b", "hashmap": [{"hash": "30f8a3cd16450f4fae9f6381156dd10d", "key": "modified"}, {"hash": "56a8969e704734c58918deb27219f300", "key": "pluginID"}, {"hash": "7f51b83a884bbf3dc9746fe5866c6354", "key": "description"}, {"hash": "cfc852798ae03ee34148d1cfcbb9e999", "key": "published"}, {"hash": "83dfc08c7f7afa19ea39d7f1f599a179", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "fa06f43e1ac45d37cab66d87ad17926e", "key": "href"}, {"hash": "c82db22f1c4a41616b1bb468d9808190", "key": "references"}, {"hash": "a54ba23cac1969a5a4c4fc2ae60ee5cb", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d65569ff0d86eb6e9bc945e604df846a", "key": "cvelist"}, {"hash": "526837706681051344a466f9e51ac982", "key": "naslFamily"}, {"hash": "3b32f4a483a694cfe34cf4b7c7caf1b2", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=72594", "id": "MANDRIVA_MDVSA-2014-041.NASL", "lastseen": "2017-10-29T13:36:52", "modified": "2016-05-20T00:00:00", "naslFamily": "Mandriva Local Security Checks", "objectVersion": "1.3", "pluginID": "72594", "published": "2014-02-20T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1062370", "http://bugs.python.org/issue20246"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:041. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72594);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2016/05/20 14:12:06 $\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n script_xref(name:\"MDVSA\", value:\"2014:041\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2014:041)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was reported in Python's socket module, due to a\nboundary error within the sock_recvfrom_into() function, which could\nbe exploited to cause a buffer overflow. This could be used to crash a\nPython application that uses the socket.recvfrom_info() function or,\npossibly, execute arbitrary code with the permissions of the user\nrunning vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.python.org/issue20246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1062370\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.5.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Mandriva Linux Security Advisory : python (MDVSA-2014:041)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:36:52"}], "edition": 3, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "83dfc08c7f7afa19ea39d7f1f599a179"}, {"key": "cvelist", "hash": "d65569ff0d86eb6e9bc945e604df846a"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "7f51b83a884bbf3dc9746fe5866c6354"}, {"key": "href", "hash": "fa06f43e1ac45d37cab66d87ad17926e"}, {"key": "modified", "hash": "4867c03e6d12c34bfe39d32c38729b6e"}, {"key": "naslFamily", "hash": "526837706681051344a466f9e51ac982"}, {"key": "pluginID", "hash": "56a8969e704734c58918deb27219f300"}, {"key": "published", "hash": "cfc852798ae03ee34148d1cfcbb9e999"}, {"key": "references", "hash": "c82db22f1c4a41616b1bb468d9808190"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "df101c185c62813466ef6ee78bad6482"}, {"key": "title", "hash": "3b32f4a483a694cfe34cf4b7c7caf1b2"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "302627b9201a8ca3abf6a8faa1c21bd6b13dd406fb934729fe32bcb2e6ab0cdf", "viewCount": 0, "enchantments": {"vulnersScore": 7.5}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:041. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72594);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/06/29 12:01:01\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n script_xref(name:\"MDVSA\", value:\"2014:041\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2014:041)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was reported in Python's socket module, due to a\nboundary error within the sock_recvfrom_into() function, which could\nbe exploited to cause a buffer overflow. This could be used to crash a\nPython application that uses the socket.recvfrom_info() function or,\npossibly, execute arbitrary code with the permissions of the user\nrunning vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.python.org/issue20246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1062370\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.5.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Mandriva Local Security Checks", "pluginID": "72594", "cpe": ["p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:lib64python2.7", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:lib64python-devel"]}

{"result": {"cve": [{"id": "CVE-2014-1912", "type": "cve", "title": "CVE-2014-1912", "description": "Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.", "published": "2014-02-28T19:55:05", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1912", "cvelist": ["CVE-2014-1912"], "lastseen": "2018-01-05T12:21:37"}], "f5": [{"id": "F5:K93278412", "type": "f5", "title": "Python and Jython vulnerabilities CVE-2014-1912 and CVE-2014-4650", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP AAM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP ASM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP DNS| None| 13.0.0 \n12.0.0 - 12.1.2| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1| Not vulnerable| None \nBIG-IP GTM| None| 11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP Link Controller| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP PEM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.1| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1| Not vulnerable| None \nBIG-IP WebSafe| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1| Not vulnerable| None \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nBIG-IQ Cloud| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 - 5.2.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0 - 2.2.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.2| Not vulnerable| None \nTraffix SDC| None| 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "published": "2017-07-21T22:49:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://support.f5.com/csp/article/K93278412", "cvelist": ["CVE-2014-1912", "CVE-2014-4650"], "lastseen": "2017-07-22T00:24:48"}], "zdt": [{"id": "1337DAY-ID-21938", "type": "zdt", "title": "Python socket.recvfrom_into() remote buffer overflow exploit", "description": "Proof of concept, that demonstrated the remote exploitability of this python socket flaw, if the python code uses recvfrom_into unsafelly.\r To avoid NX, ret2libc can be used thanx to", "published": "2014-02-23T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://0day.today/exploit/description/21938", "cvelist": ["CVE-2014-1912"], "lastseen": "2018-01-06T11:03:52"}], "openvas": [{"id": "OPENVAS:867505", "type": "openvas", "title": "Fedora Update for python FEDORA-2014-2394", "description": "Check for the Version of python", "published": "2014-02-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=867505", "cvelist": ["CVE-2014-1912"], "lastseen": "2017-07-25T10:48:25"}, {"id": "OPENVAS:1361412562310804322", "type": "openvas", "title": "Python 'socket.recvfrom_into' Buffer Overflow Vulnerability Mar14 (Windows)", "description": "This host is installed with Python and is prone to buffer overflow\nvulnerability.", "published": "2014-03-05T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804322", "cvelist": ["CVE-2014-1912"], "lastseen": "2017-12-19T10:46:52"}, {"id": "OPENVAS:867510", "type": "openvas", "title": "Fedora Update for python3 FEDORA-2014-2418", "description": "Check for the Version of python3", "published": "2014-02-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=867510", "cvelist": ["CVE-2014-1912"], "lastseen": "2017-07-25T10:48:49"}, {"id": "OPENVAS:841733", "type": "openvas", "title": "Ubuntu Update for python2.7 USN-2125-1", "description": "Check for the Version of python2.7", "published": "2014-03-04T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=841733", "cvelist": ["CVE-2014-1912"], "lastseen": "2017-12-04T11:16:43"}, {"id": "OPENVAS:1361412562310120153", "type": "openvas", "title": "Amazon Linux Local Check: ALAS-2014-292", "description": "Amazon Linux Local Security Checks", "published": "2015-09-08T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120153", "cvelist": ["CVE-2014-1912"], "lastseen": "2017-09-04T14:12:27"}, {"id": "OPENVAS:1361412562310120154", "type": "openvas", "title": "Amazon Linux Local Check: ALAS-2014-293", "description": "Amazon Linux Local Security Checks", "published": "2015-09-08T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120154", "cvelist": ["CVE-2014-1912"], "lastseen": "2017-07-25T10:48:59"}, {"id": "OPENVAS:1361412562310867510", "type": "openvas", "title": "Fedora Update for python3 FEDORA-2014-2418", "description": "Check for the Version of python3", "published": "2014-02-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867510", "cvelist": ["CVE-2014-1912"], "lastseen": "2018-04-09T11:13:14"}, {"id": "OPENVAS:1361412562310841733", "type": "openvas", "title": "Ubuntu Update for python2.7 USN-2125-1", "description": "Check for the Version of python2.7", "published": "2014-03-04T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841733", "cvelist": ["CVE-2014-1912"], "lastseen": "2018-04-30T13:48:16"}, {"id": "OPENVAS:1361412562310867505", "type": "openvas", "title": "Fedora Update for python FEDORA-2014-2394", "description": "Check for the Version of python", "published": "2014-02-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867505", "cvelist": ["CVE-2014-1912"], "lastseen": "2018-04-09T11:11:49"}, {"id": "OPENVAS:1361412562310702880", "type": "openvas", "title": "Debian Security Advisory DSA 2880-1 (python2.7 - security update)", "description": "Multiple security issues were discovered in Python:\n\nCVE-2013-4238 \nRyan Sleevi discovered that NULL characters in the subject alternate\nnames of SSL cerficates were parsed incorrectly.\n\nCVE-2014-1912 \nRyan Smith-Roberts discovered a buffer overflow in the\nsocket.recvfrom_into() function.", "published": "2014-03-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702880", "cvelist": ["CVE-2014-1912", "CVE-2013-4238"], "lastseen": "2018-04-06T11:11:33"}], "amazon": [{"id": "ALAS-2014-293", "type": "amazon", "title": "Medium: python27", "description": "**Issue Overview:**\n\nBuffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string. \n\n \n**Affected Packages:** \n\n\npython27\n\n \n**Issue Correction:** \nRun _yum update python27_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n python27-tools-2.7.5-11.32.amzn1.i686 \n python27-test-2.7.5-11.32.amzn1.i686 \n python27-2.7.5-11.32.amzn1.i686 \n python27-debuginfo-2.7.5-11.32.amzn1.i686 \n python27-libs-2.7.5-11.32.amzn1.i686 \n python27-devel-2.7.5-11.32.amzn1.i686 \n \n src: \n python27-2.7.5-11.32.amzn1.src \n \n x86_64: \n python27-tools-2.7.5-11.32.amzn1.x86_64 \n python27-libs-2.7.5-11.32.amzn1.x86_64 \n python27-devel-2.7.5-11.32.amzn1.x86_64 \n python27-2.7.5-11.32.amzn1.x86_64 \n python27-debuginfo-2.7.5-11.32.amzn1.x86_64 \n python27-test-2.7.5-11.32.amzn1.x86_64 \n \n \n", "published": "2014-02-26T14:28:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://alas.aws.amazon.com/ALAS-2014-293.html", "cvelist": ["CVE-2014-1912"], "lastseen": "2016-09-28T21:03:56"}, {"id": "ALAS-2014-292", "type": "amazon", "title": "Medium: python26", "description": "**Issue Overview:**\n\nBuffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string. \n\n \n**Affected Packages:** \n\n\npython26\n\n \n**Issue Correction:** \nRun _yum update python26_ to update your system. \n\n \n**New Packages:**\n \n \n i686: \n python26-devel-2.6.9-1.43.amzn1.i686 \n python26-libs-2.6.9-1.43.amzn1.i686 \n python26-debuginfo-2.6.9-1.43.amzn1.i686 \n python26-2.6.9-1.43.amzn1.i686 \n python26-test-2.6.9-1.43.amzn1.i686 \n python26-tools-2.6.9-1.43.amzn1.i686 \n \n src: \n python26-2.6.9-1.43.amzn1.src \n \n x86_64: \n python26-devel-2.6.9-1.43.amzn1.x86_64 \n python26-2.6.9-1.43.amzn1.x86_64 \n python26-test-2.6.9-1.43.amzn1.x86_64 \n python26-debuginfo-2.6.9-1.43.amzn1.x86_64 \n python26-tools-2.6.9-1.43.amzn1.x86_64 \n python26-libs-2.6.9-1.43.amzn1.x86_64 \n \n \n", "published": "2014-02-26T14:28:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://alas.aws.amazon.com/ALAS-2014-292.html", "cvelist": ["CVE-2014-1912"], "lastseen": "2016-09-28T21:04:06"}], "nessus": [{"id": "UBUNTU_USN-2125-1.NASL", "type": "nessus", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : python2.6, python2.7, python3.2, python3.3 vulnerability (USN-2125-1)", "description": "Ryan Smith-Roberts discovered that Python incorrectly handled buffer sizes when using the socket.recvfrom_into() function. An attacker could possibly use this issue to cause Python to crash, resulting in denial of service, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2014-03-04T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=72798", "cvelist": ["CVE-2014-1912"], "lastseen": "2018-07-01T13:59:33"}, {"id": "SUSE_11_PYTHON-201403-140331.NASL", "type": "nessus", "title": "SuSE 11.3 Security Update : Python (SAT Patch Number 9075)", "description": "Python was updated to fix a security issue in the socket.recvfrom_into function, where data could be written over the end of the buffer.\n(CVE-2014-1912)", "published": "2014-04-29T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=73751", "cvelist": ["CVE-2014-1912"], "lastseen": "2018-07-01T13:34:32"}, {"id": "ALA_ALAS-2014-292.NASL", "type": "nessus", "title": "Amazon Linux AMI : python26 (ALAS-2014-292)", "description": "Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.", "published": "2014-03-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=72748", "cvelist": ["CVE-2014-1912"], "lastseen": "2018-07-01T14:12:30"}, {"id": "ALA_ALAS-2014-293.NASL", "type": "nessus", "title": "Amazon Linux AMI : python27 (ALAS-2014-293)", "description": "Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.", "published": "2014-03-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=72749", "cvelist": ["CVE-2014-1912"], "lastseen": "2018-07-01T14:09:06"}, {"id": "FREEBSD_PKG_8E5E6D42A0FA11E3B09A080027F2D077.NASL", "type": "nessus", "title": "FreeBSD : Python -- buffer overflow in socket.recvfrom_into() (8e5e6d42-a0fa-11e3-b09a-080027f2d077)", "description": "Vincent Danen via Red Hat Issue Tracker reports :\n\nA vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code.\n\nThis vulnerable function, socket.recvfrom_into(), was introduced in Python 2.5. Earlier versions are not affected by this flaw.", "published": "2014-03-03T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=72768", "cvelist": ["CVE-2014-1912"], "lastseen": "2018-07-01T13:47:29"}, {"id": "MYSQL_CLUSTER_7_3_6.NASL", "type": "nessus", "title": "MySQL Cluster 7.3.x < 7.3.6 CLSTCONF RCE (July 2017 CPU)", "description": "The version of MySQL Cluster running on the remote host is 7.3.x prior to 7.3.6. It is, therefore, affected by an overflow condition in the CLSTCONF component, specifically in the Python sock_recvfrom_into() function within file Modules/socketmodule.c, due to improper validation of user-supplied input when checking boundaries. An unauthenticated, remote attacker can exploit this, via a specially crafted string, to cause a denial of service condition or the execution of arbitrary code.", "published": "2017-07-19T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=101811", "cvelist": ["CVE-2014-1912"], "lastseen": "2018-07-21T08:27:22"}, {"id": "FEDORA_2014-2394.NASL", "type": "nessus", "title": "Fedora 20 : python-2.7.5-10.fc20 (2014-2394)", "description": "Buffer overflow fix.\n\nSee upstream issue: http://bugs.python.org/issue20246\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2014-02-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=72523", "cvelist": ["CVE-2014-1912"], "lastseen": "2018-07-01T13:40:39"}, {"id": "OPENSUSE-2014-289.NASL", "type": "nessus", "title": "openSUSE Security Update : python (openSUSE-SU-2014:0518-1)", "description": "This python updated fixes the following security issue :\n\n - bnc#863741: Fixed potential buffer overflow in socket.recvfrom_into (CVE-2014-1912).", "published": "2014-06-13T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=75320", "cvelist": ["CVE-2014-1912"], "lastseen": "2018-07-01T13:43:45"}, {"id": "FEDORA_2014-2418.NASL", "type": "nessus", "title": "Fedora 20 : python3-3.3.2-9.fc20 (2014-2418)", "description": "Buffer overflow fix.\n\nSee upstream issue: http://bugs.python.org/issue20246\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2014-02-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=72524", "cvelist": ["CVE-2014-1912"], "lastseen": "2018-07-01T14:24:18"}, {"id": "DEBIAN_DSA-2880.NASL", "type": "nessus", "title": "Debian DSA-2880-1 : python2.7 - security update", "description": "Multiple security issues were discovered in Python :\n\n - CVE-2013-4238 Ryan Sleevi discovered that NULL characters in the subject alternate names of SSL cerficates were parsed incorrectly.\n\n - CVE-2014-1912 Ryan Smith-Roberts discovered a buffer overflow in the socket.recvfrom_into() function.", "published": "2014-03-18T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=73065", "cvelist": ["CVE-2014-1912", "CVE-2013-4238"], "lastseen": "2018-07-01T14:10:23"}], "exploitdb": [{"id": "EDB-ID:31875", "type": "exploitdb", "title": "Python socket.recvfrom_into - Remote Buffer Overflow", "description": "Python socket.recvfrom_into() - Remote Buffer Overflow. CVE-2014-1912. Remote exploit for linux platform", "published": "2014-02-24T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/31875/", "cvelist": ["CVE-2014-1912"], "lastseen": "2016-02-03T15:41:10"}], "freebsd": [{"id": "8E5E6D42-A0FA-11E3-B09A-080027F2D077", "type": "freebsd", "title": "Python -- buffer overflow in socket.recvfrom_into()", "description": "\nVincent Danen via Red Hat Issue Tracker reports:\n\nA vulnerability was reported in Python's socket module, due to a\n\t boundary error within the sock_recvfrom_into() function, which could be\n\t exploited to cause a buffer overflow. This could be used to crash a\n\t Python application that uses the socket.recvfrom_info() function or,\n\t possibly, execute arbitrary code with the permissions of the user\n\t running vulnerable Python code.\nThis vulnerable function, socket.recvfrom_into(), was introduced in\n\t Python 2.5. Earlier versions are not affected by this flaw.\n\n", "published": "2014-01-14T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/8e5e6d42-a0fa-11e3-b09a-080027f2d077.html", "cvelist": ["CVE-2014-1912"], "lastseen": "2016-09-26T17:24:26"}], "ubuntu": [{"id": "USN-2125-1", "type": "ubuntu", "title": "Python vulnerability", "description": "Ryan Smith-Roberts discovered that Python incorrectly handled buffer sizes when using the socket.recvfrom_into() function. An attacker could possibly use this issue to cause Python to crash, resulting in denial of service, or possibly execute arbitrary code.", "published": "2014-03-03T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/2125-1/", "cvelist": ["CVE-2014-1912"], "lastseen": "2018-03-29T18:18:31"}], "seebug": [{"id": "SSV:85189", "type": "seebug", "title": "Python socket.recvfrom_into() - Remote Buffer Overflow", "description": "No description provided by source.", "published": "2014-07-01T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.seebug.org/vuldb/ssvid-85189", "cvelist": ["CVE-2014-1912"], "lastseen": "2017-11-19T16:33:57"}, {"id": "SSV:61560", "type": "seebug", "title": "Python "sock_recvfrom_into()" \u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e", "description": "CVE(CAN) ID: CVE-2014-1912\r\n\r\nPython\u662f\u4e00\u79cd\u9762\u5411\u5bf9\u8c61\u3001\u76f4\u8bd1\u5f0f\u8ba1\u7b97\u673a\u7a0b\u5e8f\u8bbe\u8ba1\u8bed\u8a00\u3002\r\n\r\nPython 2.7\u7248\u672c\u7684"sock_recvfrom_into()"\u51fd\u6570(Modules/socketmodule.c)\u5b58\u5728\u8fb9\u754c\u9519\u8bef\uff0c\u5229\u7528\u540e\u53ef\u9020\u6210\u7f13\u51b2\u533a\u6ea2\u51fa\uff0c\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\n0\nPython python 2.7.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nPython\r\n------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://bugs.python.org/issue20246", "published": "2014-02-25T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.seebug.org/vuldb/ssvid-61560", "cvelist": ["CVE-2014-1912"], "lastseen": "2017-11-19T17:31:51"}], "debian": [{"id": "DSA-2880", "type": "debian", "title": "python2.7 -- security update", "description": "Multiple security issues were discovered in Python:\n\n * [CVE-2013-4238](<https://security-tracker.debian.org/tracker/CVE-2013-4238>)\n\nRyan Sleevi discovered that NULL characters in the subject alternate names of SSL cerficates were parsed incorrectly.\n\n * [CVE-2014-1912](<https://security-tracker.debian.org/tracker/CVE-2014-1912>)\n\nRyan Smith-Roberts discovered a buffer overflow in the socket.recvfrom_into() function.\n\nFor the stable distribution (wheezy), these problems have been fixed in version 2.7.3-6+deb7u2.\n\nFor the unstable distribution (sid), these problems have been fixed in version 2.7.6-7.\n\nWe recommend that you upgrade your python2.7 packages.", "published": "2014-03-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-2880", "cvelist": ["CVE-2014-1912", "CVE-2013-4238"], "lastseen": "2016-09-02T18:23:26"}, {"id": "DLA-25", "type": "debian", "title": "python2.6 -- LTS security update", "description": "A regression has been identified in the python2.6 update of DLA-25-1, which may cause python applications to abort if they were running during the upgrade but they had not already imported the 'os' module, and do so after the upgrade. This update fixes this upgrade scenario.\n\nFor reference, the original advisory text follows.\n\nMultiple vulnerabilities were discovered in python2.6. The more relevant are:\n\n * [CVE-2013-4238](<https://security-tracker.debian.org/tracker/CVE-2013-4238>)\n\nIncorrect handling of NUL bytes in certificate hostnames may allow server spoofing via specially-crafted certificates signed by a trusted Certification Authority.\n\n * [CVE-2014-1912](<https://security-tracker.debian.org/tracker/CVE-2014-1912>)\n\nBuffer overflow in socket.recvfrom_into leading to application crash and possibly code execution.\n\nFor Debian 6 Squeeze, these issues have been fixed in python2.6 version 2.6.6-8+deb6u2", "published": "2014-07-31T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.debian.org/security/2014/dla-25", "cvelist": ["CVE-2014-1912", "CVE-2013-4238", "CVE-2011-1521", "CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0845", "CVE-2011-4940", "CVE-2011-1015"], "lastseen": "2018-07-04T01:26:59"}], "centos": [{"id": "CESA-2015:1330", "type": "centos", "title": "python, tkinter security update", "description": "**CentOS Errata and Security Advisory** CESA-2015:1330\n\n\nPython is an interpreted, interactive, object-oriented programming language\noften compared to Tcl, Perl, Scheme, or Java. Python includes modules,\nclasses, exceptions, very high level dynamic data types and dynamic typing.\nPython supports interfaces to many system calls and libraries, as well as\nto various windowing systems (X11, Motif, Tk, Mac and MFC).\n\nIt was discovered that the socket.recvfrom_into() function failed to check\nthe size of the supplied buffer. This could lead to a buffer overflow when\nthe function was called with an insufficiently sized buffer.\n(CVE-2014-1912)\n\nIt was discovered that multiple Python standard library modules\nimplementing network protocols (such as httplib or smtplib) failed to\nrestrict the sizes of server responses. A malicious server could cause a\nclient using one of the affected modules to consume an excessive amount of\nmemory. (CVE-2013-1752)\n\nIt was discovered that the CGIHTTPServer module incorrectly handled URL\nencoded paths. A remote attacker could use this flaw to execute scripts\noutside of the cgi-bin directory, or disclose the source code of the\nscripts in the cgi-bin directory. (CVE-2014-4650)\n\nAn integer overflow flaw was found in the way the buffer() function handled\nits offset and size arguments. An attacker able to control these arguments\ncould use this flaw to disclose portions of the application memory or cause\nit to crash. (CVE-2014-7185)\n\nThese updated python packages also include numerous bug fixes and\nenhancements. Space precludes documenting all of these changes in this\nadvisory. For information on the most significant of these changes, users\nare directed to the following article on the Red Hat Customer Portal:\n\nhttps://access.redhat.com/articles/1495363\n\nAll python users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add this\nenhancement.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2015-July/001906.html\n\n**Affected packages:**\npython\npython-devel\npython-libs\npython-test\npython-tools\ntkinter\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1330.html", "published": "2015-07-26T14:11:19", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-cr-announce/2015-July/001906.html", "cvelist": ["CVE-2014-1912", "CVE-2014-7185", "CVE-2013-1752", "CVE-2014-4650"], "lastseen": "2017-10-03T18:26:44"}], "oraclelinux": [{"id": "ELSA-2015-1330", "type": "oraclelinux", "title": "python security, bug fix, and enhancement update", "description": "[2.6.6-64.0.1]\n- Add Oracle Linux distribution in platform.py [orabug 21288328] (Keshav Sharma)\n[2.6.6-64]\n- Enable use of deepcopy() with instance methods\nResolves: rhbz#1223037\n[2.6.6-63]\n- Since -libs now provide python-ordered dict, added ordereddict\n dist-info to site-packages\nResolves: rhbz#1199997\n[2.6.6-62]\n- Fix CVE-2014-7185/4650/1912 CVE-2013-1752\nResolves: rhbz#1206572\n[2.6.6-61]\n- Fix logging module error when multiprocessing module is not initialized\nResolves: rhbz#1204966\n[2.6.6-60]\n- Add provides for python-ordereddict\nResolves: rhbz#1199997\n[2.6.6-59]\n- Let ConfigParse handle options without values\n- Add check phase to specfile, fix and skip relevant failing tests\nResolves: rhbz#1031709\n[2.6.6-58]\n- Make Popen.communicate catch EINTR error\nResolves: rhbz#1073165\n[2.6.6-57]\n- Add choices for sort option of cProfile for better output\nResolves: rhbz#1160640\n[2.6.6-56]\n- Make multiprocessing ignore EINTR\nResolves: rhbz#1180864\n[2.6.6-55]\n- Fix iteration over files with very long lines\nResolves: rhbz#794632\n[2.6.6-54]\n- Fix subprocess.Popen.communicate() being broken by SIGCHLD handler.\nResolves: rhbz#1065537\n- Rebuild against latest valgrind-devel.\nResolves: rhbz#1142170\n[2.6.6-53]\n- Bump release up to ensure proper upgrade path.\nRelated: rhbz#958256", "published": "2015-07-28T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2015-1330.html", "cvelist": ["CVE-2014-1912", "CVE-2014-7185", "CVE-2013-1752", "CVE-2014-4650"], "lastseen": "2016-09-04T11:16:25"}, {"id": "ELSA-2015-1064", "type": "oraclelinux", "title": "python27 security, bug fix, and enhancement update", "description": "python27\n[1.1-17]\n- Require python-pip and python-wheel (note: in rh-python34\n this is not necessary, because 'python' depends on these).\npython27-python\n[2.7.8-3]\n- Add httplib fix for CVE-2013-1752\nResolves: rhbz#1187779\n[2.7.8-2]\n- Fix %check\nunset DISPLAY\n setion not failing properly on failed test\n- Fixed CVE-2013-1752, CVE-2013-1753\nResolves: rhbz#1187779\n[2.7.8-1]\n- Update to 2.7.8.\nResolves: rhbz#1167912\n- Make python-devel depend on scl-utils-build.\nResolves: rhbz#1170993\npython27-python-pip\n - New Package added\npython27-python-setuptools\n[0.9.8-3]\n- Enhance patch restoring proxy support in SSL connections\nResolves: rhbz#1222507\npython27-python-simplejson\n[3.2.0-2]\n- Fix CVE-2014-461, add boundary checks\nResolves: rhbz#1222534\npython27-python-wheel\n - New Package added ", "published": "2016-02-04T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2015-1064.html", "cvelist": ["CVE-2013-1753", "CVE-2014-1912", "CVE-2014-7185", "CVE-2014-4616", "CVE-2013-1752", "CVE-2014-4650"], "lastseen": "2016-09-04T11:16:35"}], "redhat": [{"id": "RHSA-2015:1330", "type": "redhat", "title": "(RHSA-2015:1330) Moderate: python security, bug fix, and enhancement update", "description": "Python is an interpreted, interactive, object-oriented programming language\noften compared to Tcl, Perl, Scheme, or Java. Python includes modules,\nclasses, exceptions, very high level dynamic data types and dynamic typing.\nPython supports interfaces to many system calls and libraries, as well as\nto various windowing systems (X11, Motif, Tk, Mac and MFC).\n\nIt was discovered that the socket.recvfrom_into() function failed to check\nthe size of the supplied buffer. This could lead to a buffer overflow when\nthe function was called with an insufficiently sized buffer.\n(CVE-2014-1912)\n\nIt was discovered that multiple Python standard library modules\nimplementing network protocols (such as httplib or smtplib) failed to\nrestrict the sizes of server responses. A malicious server could cause a\nclient using one of the affected modules to consume an excessive amount of\nmemory. (CVE-2013-1752)\n\nIt was discovered that the CGIHTTPServer module incorrectly handled URL\nencoded paths. A remote attacker could use this flaw to execute scripts\noutside of the cgi-bin directory, or disclose the source code of the\nscripts in the cgi-bin directory. (CVE-2014-4650)\n\nAn integer overflow flaw was found in the way the buffer() function handled\nits offset and size arguments. An attacker able to control these arguments\ncould use this flaw to disclose portions of the application memory or cause\nit to crash. (CVE-2014-7185)\n\nThese updated python packages also include numerous bug fixes and\nenhancements. Space precludes documenting all of these changes in this\nadvisory. For information on the most significant of these changes, users\nare directed to the following article on the Red Hat Customer Portal:\n\nhttps://access.redhat.com/articles/1495363\n\nAll python users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add this\nenhancement.\n", "published": "2015-07-22T04:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2015:1330", "cvelist": ["CVE-2013-1752", "CVE-2014-1912", "CVE-2014-4650", "CVE-2014-7185"], "lastseen": "2018-06-12T21:10:29"}, {"id": "RHSA-2015:1064", "type": "redhat", "title": "(RHSA-2015:1064) Moderate: python27 security, bug fix, and enhancement update", "description": "Python is an interpreted, interactive, object-oriented programming language\nthat supports modules, classes, exceptions, high-level dynamic data types,\nand dynamic typing. The python27 collection provide a stable release of\nPython 2.7 with a number of additional utilities and database connectors\nfor MySQL and PostgreSQL.\n\nThe python27-python packages have been upgraded to upstream version 2.7.8,\nwhich provides numerous bug fixes over the previous version. (BZ#1167912)\n\nThe following security issues were fixed in the python27-python component:\n\nIt was discovered that the socket.recvfrom_into() function failed to check\nthe size of the supplied buffer. This could lead to a buffer overflow when\nthe function was called with an insufficiently sized buffer.\n(CVE-2014-1912)\n\nIt was discovered that the Python xmlrpclib module did not restrict the\nsize of gzip-compressed HTTP responses. A malicious XMLRPC server could\ncause an XMLRPC client using xmlrpclib to consume an excessive amount of\nmemory. (CVE-2013-1753)\n\nIt was discovered that multiple Python standard library modules\nimplementing network protocols (such as httplib or smtplib) failed to\nrestrict the sizes of server responses. A malicious server could cause a\nclient using one of the affected modules to consume an excessive amount of\nmemory. (CVE-2013-1752)\n\nIt was discovered that the CGIHTTPServer module incorrectly handled URL\nencoded paths. A remote attacker could use this flaw to execute scripts\noutside of the cgi-bin directory, or disclose the source code of the\nscripts in the cgi-bin directory. (CVE-2014-4650)\n\nAn integer overflow flaw was found in the way the buffer() function handled\nits offset and size arguments. An attacker able to control these arguments\ncould use this flaw to disclose portions of the application memory or cause\nit to crash. (CVE-2014-7185)\n\nThe following security issue was fixed in the python27-python and\npython27-python-simplejson components:\n\nA flaw was found in the way the json module handled negative index\narguments passed to certain functions (such as raw_decode()). An attacker\nable to control the index value passed to one of the affected functions\ncould possibly use this flaw to disclose portions of the application\nmemory. (CVE-2014-4616)\n\nIn addition, this update adds the following enhancement:\n\n* The python27 Software Collection now includes the python-wheel and\npython-pip modules. (BZ#994189, BZ#1167902)\n\nAll python27 users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. All running python27\ninstances must be restarted for this update to take effect.\n", "published": "2015-06-04T04:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2015:1064", "cvelist": ["CVE-2013-1752", "CVE-2013-1753", "CVE-2014-1912", "CVE-2014-4616", "CVE-2014-4650", "CVE-2014-7185"], "lastseen": "2018-06-16T00:38:08"}], "gentoo": [{"id": "GLSA-201503-10", "type": "gentoo", "title": "Python: Multiple vulnerabilities", "description": "### Background\n\nPython is an interpreted, interactive, object-oriented programming language. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA context-dependent attacker may be able to execute arbitrary code or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Python 3.3 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/python-3.3.5-r1\"\n \n\nAll Python 2.7 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/python-2.7.9-r1\"", "published": "2015-03-18T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://security.gentoo.org/glsa/201503-10", "cvelist": ["CVE-2014-1912", "CVE-2014-2667", "CVE-2013-7338", "CVE-2014-7185", "CVE-2014-4616", "CVE-2013-1752", "CVE-2014-9365"], "lastseen": "2016-09-06T19:46:48"}], "oracle": [{"id": "ORACLE:CPUJUL2017-3236622", "type": "oracle", "title": "Oracle Critical Patch Update - July 2017", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\nThis Critical Patch Update contains 310 new security fixes across the product families listed below. Please note that a MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ July 2017 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2282980.1>).\n\nPlease note that the vulnerabilities in this Critical Patch Update are scored using version 3.0 of Common Vulnerability Scoring Standard (CVSS).\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available [here](<http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>).\n", "published": "2018-03-20T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "", "cvelist": ["CVE-2017-10230", "CVE-2017-10226", "CVE-2017-10193", "CVE-2017-10063", "CVE-2017-10031", "CVE-2017-3562", "CVE-2015-5254", "CVE-2017-10228", "CVE-2017-10248", "CVE-2015-1792", "CVE-2014-3566", "CVE-2017-3637", "CVE-2017-10235", "CVE-2017-10088", "CVE-2015-0235", "CVE-2017-10171", "CVE-2017-10196", "CVE-2017-10239", "CVE-2017-10208", "CVE-2017-10231", "CVE-2017-3638", "CVE-2017-10192", "CVE-2017-10001", "CVE-2016-4431", "CVE-2014-1912", "CVE-2017-10211", "CVE-2016-4436", "CVE-2016-5385", "CVE-2017-10143", "CVE-2015-3197", "CVE-2017-10175", "CVE-2017-10202", "CVE-2017-10244", "CVE-2017-10179", "CVE-2017-3642", "CVE-2017-10028", "CVE-2017-10160", "CVE-2016-5019", "CVE-2017-10012", "CVE-2017-10246", "CVE-2017-10134", "CVE-2017-3529", "CVE-2016-6306", "CVE-2017-10229", "CVE-2015-1789", "CVE-2016-2183", "CVE-2017-10075", "CVE-2017-10147", "CVE-2017-10207", "CVE-2017-10113", "CVE-2016-4438", "CVE-2017-10149", "CVE-2017-5689", "CVE-2015-0286", "CVE-2017-10238", "CVE-2016-2178", "CVE-2017-10015", "CVE-2017-3639", "CVE-2017-10241", "CVE-2017-10141", "CVE-2017-10236", "CVE-2017-10069", "CVE-2017-10222", "CVE-2015-3195", "CVE-2017-10220", "CVE-2017-10087", "CVE-2016-2108", "CVE-2017-10250", "CVE-2017-3632", "CVE-2017-10204", "CVE-2013-2027", "CVE-2017-10036", "CVE-2016-3092", "CVE-2014-3571", "CVE-2016-4465", "CVE-2017-10093", "CVE-2017-10064", "CVE-2016-6302", "CVE-2017-3652", "CVE-2017-10076", "CVE-2017-10198", "CVE-2017-10095", "CVE-2017-10006", "CVE-2017-10247", "CVE-2017-10119", "CVE-2017-10234", "CVE-2017-10169", "CVE-2017-3646", "CVE-2017-3648", "CVE-2017-10128", "CVE-2016-2177", "CVE-2017-10121", "CVE-2017-10213", "CVE-2017-10043", "CVE-2017-10144", "CVE-2014-0224", "CVE-2017-10209", "CVE-2016-0635", "CVE-2016-2105", "CVE-2017-10106", "CVE-2017-10186", "CVE-2017-10123", "CVE-2016-4433", "CVE-2017-10052", "CVE-2017-10032", "CVE-2017-10005", "CVE-2015-8607", "CVE-2017-10224", "CVE-2016-2107", "CVE-2016-7055", "CVE-2017-10150", "CVE-2017-10168", "CVE-2017-10232", "CVE-2015-7501", "CVE-2017-10170", "CVE-2017-3649", "CVE-2017-10022", "CVE-2015-3253", "CVE-2017-10107", "CVE-2017-3731", "CVE-2017-10183", "CVE-2016-6307", "CVE-2017-10243", "CVE-2017-5638", "CVE-2016-2834", "CVE-2017-10215", "CVE-2017-10023", "CVE-2017-10242", "CVE-2017-10048", "CVE-2017-10079", "CVE-2016-6308", "CVE-2017-10145", "CVE-2017-10195", "CVE-2017-10070", "CVE-2016-2180", "CVE-2017-10142", "CVE-2017-10104", "CVE-2017-10062", "CVE-2017-10210", "CVE-2017-10201", "CVE-2017-10044", "CVE-2017-10133", "CVE-2017-5651", "CVE-2017-3645", "CVE-2017-10020", "CVE-2017-5647", "CVE-2015-8608", "CVE-2017-10085", "CVE-2016-5388", "CVE-2017-10184", "CVE-2016-2109", "CVE-2017-10255", "CVE-2017-10199", "CVE-2017-3633", "CVE-2017-10082", "CVE-2017-10126", "CVE-2017-10030", "CVE-2017-10135", "CVE-2016-2181", "CVE-2017-3647", "CVE-2017-10008", "CVE-2017-10021", "CVE-2017-10217", "CVE-2016-6304", "CVE-2017-10132", "CVE-2017-10136", "CVE-2017-10187", "CVE-2017-10212", "CVE-2017-3732", "CVE-2016-5386", "CVE-2017-10057", "CVE-2017-10094", "CVE-2017-10252", "CVE-2017-10218", "CVE-2017-10038", "CVE-2017-10191", "CVE-2017-10205", "CVE-2017-3644", "CVE-2017-10101", "CVE-2017-10249", "CVE-2017-10146", "CVE-2017-10237", "CVE-2017-10108", "CVE-2017-10090", "CVE-2016-1979", "CVE-2017-3643", "CVE-2017-10049", "CVE-2017-10004", "CVE-2017-10041", "CVE-2016-2381", "CVE-2016-4430", "CVE-2017-10103", "CVE-2017-10219", "CVE-2017-10061", "CVE-2015-1788", "CVE-2017-10129", "CVE-2017-10025", "CVE-2017-10180", "CVE-2017-10221", "CVE-2017-10019", "CVE-2017-10024", "CVE-2017-10010", "CVE-2017-10185", "CVE-2017-10189", "CVE-2017-10035", "CVE-2017-10111", "CVE-2017-10117", "CVE-2017-10100", "CVE-2017-10013", "CVE-2016-7052", "CVE-2017-10091", "CVE-2017-10178", "CVE-2017-10096", "CVE-2017-10045", "CVE-2017-10240", "CVE-2017-10016", "CVE-2017-10157", "CVE-2017-10040", "CVE-2017-10131", "CVE-2016-1950", "CVE-2017-10071", "CVE-2017-10254", "CVE-2017-10083", "CVE-2017-10003", "CVE-2011-2730", "CVE-2017-3651", "CVE-2017-10110", "CVE-2017-3650", "CVE-2017-3641", "CVE-2017-10097", "CVE-2017-10073", "CVE-2017-10002", "CVE-2017-10105", "CVE-2017-10253", "CVE-2017-10017", "CVE-2017-10056", "CVE-2017-10115", "CVE-2017-3635", "CVE-2017-10047", "CVE-2017-10046", "CVE-2016-1181", "CVE-2017-10114", "CVE-2017-10058", "CVE-2017-10039", "CVE-2015-1790", "CVE-2017-10181", "CVE-2017-10027", "CVE-2017-10206", "CVE-2017-10245", "CVE-2016-6305", "CVE-2016-6303", "CVE-2017-10216", "CVE-2016-5387", "CVE-2017-10223", "CVE-2017-10233", "CVE-2017-10116", "CVE-2017-10200", "CVE-2017-10148", "CVE-2017-5650", "CVE-2017-10214", "CVE-2016-2182", "CVE-2017-10067", "CVE-2017-10078", "CVE-2017-10000", "CVE-2017-10092", "CVE-2017-10256", "CVE-2017-10257", "CVE-2017-10156", "CVE-2017-10074", "CVE-2017-10182", "CVE-2017-10059", "CVE-2017-10098", "CVE-2017-10053", "CVE-2017-10018", "CVE-2015-0254", "CVE-2017-10029", "CVE-2017-3653", "CVE-2015-7940", "CVE-2017-10137", "CVE-2017-10174", "CVE-2017-10225", "CVE-2017-10173", "CVE-2017-3640", "CVE-2017-10177", "CVE-2017-10081", "CVE-2016-3506", "CVE-2017-3636", "CVE-2017-10120", "CVE-2017-10258", "CVE-2017-10112", "CVE-2017-10042", "CVE-2017-10176", "CVE-2017-10122", "CVE-2017-10188", "CVE-2016-2179", "CVE-2017-10089", "CVE-2017-10109", "CVE-2017-10086", "CVE-2016-2106", "CVE-2017-3634", "CVE-2017-10130", "CVE-2017-10118", "CVE-2016-6814", "CVE-2017-10007", "CVE-2017-10080", "CVE-2017-10084", "CVE-2015-1791", "CVE-2017-10009", "CVE-2017-10125", "CVE-2016-6309", "CVE-2017-10072", "CVE-2017-10251", "CVE-2017-10102", "CVE-2017-10172", "CVE-2017-10011"], "lastseen": "2018-04-18T20:24:04"}]}}