Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2015-2023 Canonical, Inc. / NASL script (C) 2015-2023 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-2653-1.NASL
HistoryJun 26, 2015 - 12:00 a.m.

Ubuntu 14.04 LTS : Python vulnerabilities (USN-2653-1)

2015-06-2600:00:00
Ubuntu Security Notice (C) 2015-2023 Canonical, Inc. / NASL script (C) 2015-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8
JSON

It was discovered that multiple Python protocol libraries incorrectly limited certain data when connecting to servers. A malicious ftp, http, imap, nntp, pop or smtp server could use this issue to cause a denial of service. (CVE-2013-1752)

It was discovered that the Python xmlrpc library did not limit unpacking gzip-compressed HTTP bodies. A malicious server could use this issue to cause a denial of service. (CVE-2013-1753)

It was discovered that the Python json module incorrectly handled a certain argument. An attacker could possibly use this issue to read arbitrary memory and expose sensitive information. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-4616)

It was discovered that the Python CGIHTTPServer incorrectly handled URL-encoded path separators in URLs. A remote attacker could use this issue to expose sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
(CVE-2014-4650)

It was discovered that Python incorrectly handled sizes and offsets in buffer functions. An attacker could possibly use this issue to read arbitrary memory and obtain sensitive information. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-7185).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-2653-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(84428);
  script_version("2.12");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/20");

  script_cve_id(
    "CVE-2013-1752",
    "CVE-2013-1753",
    "CVE-2014-4616",
    "CVE-2014-4650",
    "CVE-2014-7185"
  );
  script_bugtraq_id(
    63804,
    66958,
    68119,
    68147,
    70089
  );
  script_xref(name:"USN", value:"2653-1");

  script_name(english:"Ubuntu 14.04 LTS : Python vulnerabilities (USN-2653-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"It was discovered that multiple Python protocol libraries incorrectly
limited certain data when connecting to servers. A malicious ftp,
http, imap, nntp, pop or smtp server could use this issue to cause a
denial of service. (CVE-2013-1752)

It was discovered that the Python xmlrpc library did not limit
unpacking gzip-compressed HTTP bodies. A malicious server could use
this issue to cause a denial of service. (CVE-2013-1753)

It was discovered that the Python json module incorrectly handled a
certain argument. An attacker could possibly use this issue to read
arbitrary memory and expose sensitive information. This issue only
affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-4616)

It was discovered that the Python CGIHTTPServer incorrectly handled
URL-encoded path separators in URLs. A remote attacker could use this
issue to expose sensitive information, or possibly execute arbitrary
code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
(CVE-2014-4650)

It was discovered that Python incorrectly handled sizes and offsets in
buffer functions. An attacker could possibly use this issue to read
arbitrary memory and obtain sensitive information. This issue only
affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-7185).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-2653-1");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-4650");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/10/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/06/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/06/26");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.7-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.7-examples");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.7-minimal");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python3.4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python3.4-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python3.4-examples");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python3.4-minimal");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:idle-python2.7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:idle-python3.4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpython2.7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpython2.7-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpython2.7-minimal");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpython2.7-stdlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpython2.7-testsuite");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpython3.4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpython3.4-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpython3.4-minimal");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpython3.4-stdlib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpython3.4-testsuite");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2015-2023 Canonical, Inc. / NASL script (C) 2015-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('14.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 14.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var pkgs = [
    {'osver': '14.04', 'pkgname': 'idle-python2.7', 'pkgver': '2.7.6-8ubuntu0.2'},
    {'osver': '14.04', 'pkgname': 'idle-python3.4', 'pkgver': '3.4.0-2ubuntu1.1'},
    {'osver': '14.04', 'pkgname': 'libpython2.7', 'pkgver': '2.7.6-8ubuntu0.2'},
    {'osver': '14.04', 'pkgname': 'libpython2.7-dev', 'pkgver': '2.7.6-8ubuntu0.2'},
    {'osver': '14.04', 'pkgname': 'libpython2.7-minimal', 'pkgver': '2.7.6-8ubuntu0.2'},
    {'osver': '14.04', 'pkgname': 'libpython2.7-stdlib', 'pkgver': '2.7.6-8ubuntu0.2'},
    {'osver': '14.04', 'pkgname': 'libpython2.7-testsuite', 'pkgver': '2.7.6-8ubuntu0.2'},
    {'osver': '14.04', 'pkgname': 'libpython3.4', 'pkgver': '3.4.0-2ubuntu1.1'},
    {'osver': '14.04', 'pkgname': 'libpython3.4-dev', 'pkgver': '3.4.0-2ubuntu1.1'},
    {'osver': '14.04', 'pkgname': 'libpython3.4-minimal', 'pkgver': '3.4.0-2ubuntu1.1'},
    {'osver': '14.04', 'pkgname': 'libpython3.4-stdlib', 'pkgver': '3.4.0-2ubuntu1.1'},
    {'osver': '14.04', 'pkgname': 'libpython3.4-testsuite', 'pkgver': '3.4.0-2ubuntu1.1'},
    {'osver': '14.04', 'pkgname': 'python2.7', 'pkgver': '2.7.6-8ubuntu0.2'},
    {'osver': '14.04', 'pkgname': 'python2.7-dev', 'pkgver': '2.7.6-8ubuntu0.2'},
    {'osver': '14.04', 'pkgname': 'python2.7-examples', 'pkgver': '2.7.6-8ubuntu0.2'},
    {'osver': '14.04', 'pkgname': 'python2.7-minimal', 'pkgver': '2.7.6-8ubuntu0.2'},
    {'osver': '14.04', 'pkgname': 'python3.4', 'pkgver': '3.4.0-2ubuntu1.1'},
    {'osver': '14.04', 'pkgname': 'python3.4-dev', 'pkgver': '3.4.0-2ubuntu1.1'},
    {'osver': '14.04', 'pkgname': 'python3.4-examples', 'pkgver': '3.4.0-2ubuntu1.1'},
    {'osver': '14.04', 'pkgname': 'python3.4-minimal', 'pkgver': '3.4.0-2ubuntu1.1'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var osver = NULL;
  var pkgname = NULL;
  var pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'idle-python2.7 / idle-python3.4 / libpython2.7 / libpython2.7-dev / etc');
}
VendorProductVersionCPE
canonicalubuntu_linuxpython2.7p-cpe:/a:canonical:ubuntu_linux:python2.7
canonicalubuntu_linuxpython2.7-devp-cpe:/a:canonical:ubuntu_linux:python2.7-dev
canonicalubuntu_linuxpython2.7-examplesp-cpe:/a:canonical:ubuntu_linux:python2.7-examples
canonicalubuntu_linuxpython2.7-minimalp-cpe:/a:canonical:ubuntu_linux:python2.7-minimal
canonicalubuntu_linuxpython3.4p-cpe:/a:canonical:ubuntu_linux:python3.4
canonicalubuntu_linuxpython3.4-devp-cpe:/a:canonical:ubuntu_linux:python3.4-dev
canonicalubuntu_linuxpython3.4-examplesp-cpe:/a:canonical:ubuntu_linux:python3.4-examples
canonicalubuntu_linuxpython3.4-minimalp-cpe:/a:canonical:ubuntu_linux:python3.4-minimal
canonicalubuntu_linux14.04cpe:/o:canonical:ubuntu_linux:14.04:-:lts
canonicalubuntu_linuxidle-python2.7p-cpe:/a:canonical:ubuntu_linux:idle-python2.7
Rows per page:
1-10 of 211

Related

ibm 4
nessus 57
openvas 52
ubuntu 1
oraclelinux 3
redhat 3
veracode 6
centos 2
amazon 6
securityvulns 4
mageia 5
fedora 19
archlinux 2
gentoo 1
github 1
hackerone 1
ubuntucve 4
debiancve 4
osv 5
alpinelinux 1
prion 5
cve 5
exploitpack 1
packetstorm 1
f5 3
exploitdb 1
seebug 1
slackware 1
ibm
ibm
Security Bulletin: Multiple vulnerabilities in Python affect PowerKVM
2018-06-18 01:30:44
Security Bulletin: Python vulnerabilities affect IBM SmartCloud Entry (CVE-2013-1752 CVE-2014-1912 CVE-2014-4650 CVE-2014-7185)
2020-07-19 00:49:12
Security Bulletin: Vulnerabilities in Python, rpcbind, SQLite affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
2018-06-17 22:33:00
nessus
nessus
RHEL 7 : python (RHSA-2015:2101)
2015-11-20 00:00:00
Oracle Linux 6 / 7 : python27 (ELSA-2015-1064)
2023-09-07 00:00:00
SUSE SLED12 / SLES12 Security Update : python (SUSE-SU-2015:1344-1)
2015-08-06 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2015-2101)
2015-11-24 00:00:00
Ubuntu: Security Advisory (USN-2653-1)
2015-06-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:1344-1)
2021-04-19 00:00:00
ubuntu
ubuntu
Python vulnerabilities
2015-06-25 00:00:00
oraclelinux
oraclelinux
python security, bug fix, and enhancement update
2015-11-23 00:00:00
python27 security, bug fix, and enhancement update
2016-02-04 00:00:00
python security, bug fix, and enhancement update
2015-07-28 00:00:00
redhat
redhat
(RHSA-2015:1064) Moderate: python27 security, bug fix, and enhancement update
2015-06-04 00:00:00
(RHSA-2015:2101) Moderate: python security, bug fix, and enhancement update
2015-11-19 13:41:01
(RHSA-2015:1330) Moderate: python security, bug fix, and enhancement update
2015-07-22 00:00:00
veracode
veracode
Improper Input Validation
2019-05-02 05:39:24
Sensitive Information Leakage
2019-05-02 05:39:25
Improper Input Validation
2019-05-02 05:39:24
centos
centos
python, tkinter security update
2015-11-30 19:48:49
python, tkinter security update
2015-07-26 14:11:19
amazon
amazon
Medium: python26
2015-12-14 10:00:00
Medium: python27
2014-11-05 12:15:00
Medium: python27
2015-06-22 10:31:00
securityvulns
securityvulns
python security vulnerabilities
2014-07-14 00:00:00
[ MDVSA-2014:197 ] python
2014-10-27 00:00:00
[RT-SA-2014-008] Python CGIHTTPServer File Disclosure and Potential Code Execution
2014-10-15 00:00:00
mageia
mageia
Updated python & python3 packages fix two vulnerabilities
2014-07-09 02:35:18
Updated python package fixes security vulnerabilities
2014-03-24 11:37:41
Updated python-simplejson package fixes security vulnerability
2014-07-09 02:38:10
fedora
fedora
[SECURITY] Fedora 21 Update: python3-3.4.1-16.fc21
2014-11-10 06:36:31
[SECURITY] Fedora 20 Update: python3-3.3.2-18.fc20
2014-11-09 15:45:22
[SECURITY] Fedora 20 Update: python-2.7.5-16.fc20
2015-04-22 22:41:55
archlinux
archlinux
python2: multiple issues
2014-12-15 00:00:00
python2: Information leakage through integer overflow
2014-09-26 00:00:00
gentoo
gentoo
Python: Multiple vulnerabilities
2015-03-18 00:00:00
github
github
simplejson before 2.6.1 vulnerable to array index error
2022-05-14 02:05:09
hackerone
hackerone
Internet Bug Bounty: Python vulnerability: reading arbitrary process memory
2014-05-16 23:14:13
ubuntucve
ubuntucve
CVE-2014-4616
2014-06-26 00:00:00
CVE-2013-1753
2015-06-04 00:00:00
CVE-2014-7185
2014-10-08 00:00:00
debiancve
debiancve
CVE-2014-4616
2017-08-24 20:29:00
CVE-2013-1753
2020-03-11 17:15:00
CVE-2014-4650
2020-02-20 17:15:00
osv
osv
CVE-2014-4616
2017-08-24 20:29:00
JSONDecoder.raw_decode
2017-08-24 20:00:00
simplejson before 2.6.1 vulnerable to array index error
2022-05-14 02:05:09
alpinelinux
alpinelinux
CVE-2014-4616
2017-08-24 20:29:00
prion
prion
Code injection
2017-08-24 20:29:00
Directory traversal
2020-02-20 17:15:00
Cross site request forgery (csrf)
2020-03-11 17:15:00
cve
cve
CVE-2014-4616
2017-08-24 20:29:00
CVE-2013-1753
2020-03-11 17:15:00
CVE-2014-4650
2020-02-20 17:15:00
exploitpack
exploitpack
Python CGIHTTPServer - Encoded Directory Traversal
2014-06-27 00:00:00
packetstorm
packetstorm
Python CGIHTTPServer File Disclosure / Code Execution
2014-06-27 00:00:00
f5
f5
K78825687 : Python and Jython vulnerability CVE-2014-7185
2017-07-21 00:00:00
K53192206 : Python and Jython vulnerability CVE-2013-1752
2017-07-21 00:00:00
K93278412 : Python and Jython vulnerabilities CVE-2014-1912 and CVE-2014-4650
2017-07-21 00:00:00
exploitdb
exploitdb
Python CGIHTTPServer - Encoded Directory Traversal
2014-06-27 00:00:00
seebug
seebug
Python多个安全漏洞
2013-12-30 00:00:00
slackware
slackware
[slackware-security] python
2019-03-03 22:46:15
JSON
Related for UBUNTU_USN-2653-1.NASL
ibm4nessus57openvas52ubuntu1oraclelinux3redhat3veracode6centos2amazon6securityvulns4mageia5fedora19archlinux2gentoo1github1hackerone1ubuntucve4debiancve4osv5alpinelinux1prion5cve5exploitpack1packetstorm1f53exploitdb1seebug1slackware1