For more information, please visit the referenced security
advisories.
More details may also be found by searching for keyword
5040780 within the SuSE Enterprise Server 9 patch
database at http://download.novell.com/patch/finder/
# OpenVAS Vulnerability Test
# $Id: sles9p5040780.nasl 9350 2018-04-06 07:03:33Z cfischer $
# Description: Security update for Python
#
# Authors:
# Thomas Reinke <reinke@securityspace.com>
#
# Copyright:
# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# or at your option, GNU General Public License version 3,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_summary = "The remote host is missing updates to packages that affect
the security of your system. One or more of the following packages
are affected:
python
python-curses
python-demo
python-devel
python-doc
python-doc-pdf
python-gdbm
python-idle
python-mpz
python-tk
python-xml
For more information, please visit the referenced security
advisories.
More details may also be found by searching for keyword
5040780 within the SuSE Enterprise Server 9 patch
database at http://download.novell.com/patch/finder/";
tag_solution = "Please install the updates provided by SuSE.";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.65048");
script_version("$Revision: 9350 $");
script_tag(name:"last_modification", value:"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $");
script_tag(name:"creation_date", value:"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)");
script_cve_id("CVE-2008-4864", "CVE-2008-5031");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_name("SLES9: Security update for Python");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms");
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-rpm.inc");
res = "";
report = "";
if ((res = isrpmvuln(pkg:"python", rpm:"python~2.3.3~88.26", rls:"SLES9.0")) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}
{"id": "OPENVAS:136141256231065048", "type": "openvas", "bulletinFamily": "scanner", "title": "SLES9: Security update for Python", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n python\n python-curses\n python-demo\n python-devel\n python-doc\n python-doc-pdf\n python-gdbm\n python-idle\n python-mpz\n python-tk\n python-xml\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5040780 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "published": "2009-10-10T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065048", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2008-4864", "CVE-2008-5031"], "lastseen": "2018-04-06T11:40:11", "viewCount": 3, "enchantments": {"score": {"value": 6.7, "vector": "NONE", "modified": "2018-04-06T11:40:11", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-4864", "CVE-2008-5031"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231063373", "OPENVAS:65048", "OPENVAS:63373", "OPENVAS:136141256231063136", "OPENVAS:800052", "OPENVAS:63136", "OPENVAS:1361412562310800052", "OPENVAS:136141256231065933", "OPENVAS:64488", "OPENVAS:65933"]}, {"type": "nessus", "idList": ["UBUNTU_USN-806-1.NASL", "SUSE9_12316.NASL", "ORACLELINUX_ELSA-2009-1178.NASL", "REDHAT-RHSA-2009-1178.NASL", "GENTOO_GLSA-200907-16.NASL", "SUSE_11_0_PYTHON-081201.NASL", "SUSE_PYTHON-5837.NASL", "MANDRIVA_MDVSA-2009-003.NASL", "SUSE_PYTHON-5848.NASL", "CENTOS_RHSA-2009-1178.NASL"]}, {"type": "ubuntu", "idList": ["USN-806-1"]}, {"type": "exploitdb", "idList": ["EDB-ID:10229", "EDB-ID:32534"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:6F4BE7377CBDEC35F258FFC9DEA11116"]}, {"type": "seebug", "idList": ["SSV:60622", "SSV:67092", "SSV:18331"]}, {"type": "gentoo", "idList": ["GLSA-200907-16"]}, {"type": "centos", "idList": ["CESA-2009:1178", "CESA-2009:1176"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1177", "ELSA-2009-1176", "ELSA-2009-1178"]}, {"type": "redhat", "idList": ["RHSA-2009:1176", "RHSA-2009:1177", "RHSA-2009:1178"]}, {"type": "vmware", "idList": ["VMSA-2009-0016"]}], "modified": "2018-04-06T11:40:11", "rev": 2}, "vulnersScore": 6.7}, "pluginID": "136141256231065048", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5040780.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for Python\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n python\n python-curses\n python-demo\n python-devel\n python-doc\n python-doc-pdf\n python-gdbm\n python-idle\n python-mpz\n python-tk\n python-xml\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5040780 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65048\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-4864\", \"CVE-2008-5031\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Python\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.3.3~88.26\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "SuSE Local Security Checks"}
{"cve": [{"lastseen": "2020-10-03T11:51:03", "description": "Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679.", "edition": 3, "cvss3": {}, "published": "2008-11-01T00:00:00", "title": "CVE-2008-4864", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-4864"], "modified": "2018-10-11T20:53:00", "cpe": ["cpe:/a:python_software_foundation:python:2.1", "cpe:/a:python_software_foundation:python:2.3.2", "cpe:/a:python_software_foundation:python:2.3.3", "cpe:/a:python_software_foundation:python:2.3.5", "cpe:/a:python_software_foundation:python:2.1.3", "cpe:/a:python_software_foundation:python:2.5", "cpe:/a:python_software_foundation:python:2.3", "cpe:/a:python_software_foundation:python:2.5.1", "cpe:/a:python_software_foundation:python:2.4.4", "cpe:/a:python_software_foundation:python:1.5.2", "cpe:/a:python_software_foundation:python:2.3.6", "cpe:/a:python_software_foundation:python:2.3.1", "cpe:/a:python_software_foundation:python:2.2.2", "cpe:/a:python_software_foundation:python:2.4.2", "cpe:/a:python_software_foundation:python:2.2.1", "cpe:/a:python_software_foundation:python:2.3.4", "cpe:/a:python_software_foundation:python:1.6.1", "cpe:/a:python_software_foundation:python:2.0", "cpe:/a:python_software_foundation:python:2.2", "cpe:/a:python_software_foundation:python:2.2.3", "cpe:/a:python_software_foundation:python:2.1.2", "cpe:/a:python_software_foundation:python:2.4.1", "cpe:/a:python_software_foundation:python:2.1.1", "cpe:/a:python_software_foundation:python:2.4.3", "cpe:/a:python_software_foundation:python:2.4", "cpe:/a:python_software_foundation:python:1.6", "cpe:/a:python_software_foundation:python:2.0.1"], "id": "CVE-2008-4864", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4864", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:python_software_foundation:python:2.3:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.4:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:1.6:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:python_software_foundation:python:2.4.3:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:51:03", "description": "Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. NOTE: this vulnerability reportedly exists because of an incomplete fix for CVE-2008-2315.", "edition": 4, "cvss3": {}, "published": "2008-11-10T16:15:00", "title": "CVE-2008-5031", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5031"], "modified": "2019-10-25T11:53:00", "cpe": ["cpe:/a:python:python:2.5.1", "cpe:/a:python:python:2.2.3", "cpe:/a:python:python:2.4.6", "cpe:/a:python:python:2.3.7"], "id": "CVE-2008-5031", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5031", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:python:python:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.3.7:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-26T08:56:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2008-5031"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n python\n python-curses\n python-demo\n python-devel\n python-doc\n python-doc-pdf\n python-gdbm\n python-idle\n python-mpz\n python-tk\n python-xml\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5040780 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65048", "href": "http://plugins.openvas.org/nasl.php?oid=65048", "type": "openvas", "title": "SLES9: Security update for Python", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5040780.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for Python\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n python\n python-curses\n python-demo\n python-devel\n python-doc\n python-doc-pdf\n python-gdbm\n python-idle\n python-mpz\n python-tk\n python-xml\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5040780 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65048);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2008-4864\", \"CVE-2008-5031\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for Python\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.3.3~88.26\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:28:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2008-5031"], "description": "The remote host is missing an update to python2.5\nannounced via advisory USN-806-1.", "modified": "2017-12-01T00:00:00", "published": "2009-07-29T00:00:00", "id": "OPENVAS:64488", "href": "http://plugins.openvas.org/nasl.php?oid=64488", "type": "openvas", "title": "Ubuntu USN-806-1 (python2.5)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_806_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_806_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-806-1 (python2.5)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n python2.4 2.4.3-0ubuntu6.3\n python2.4-minimal 2.4.3-0ubuntu6.3\n\nUbuntu 8.04 LTS:\n python2.4 2.4.5-1ubuntu4.2\n python2.4-minimal 2.4.5-1ubuntu4.2\n python2.5 2.5.2-2ubuntu6\n python2.5-minimal 2.5.2-2ubuntu6\n\nUbuntu 8.10:\n python2.4 2.4.5-5ubuntu1.1\n python2.4-minimal 2.4.5-5ubuntu1.1\n\nAfter a standard system upgrade you need to reboot your computer to\neffect the necessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-806-1\";\n\ntag_insight = \"It was discovered that Python incorrectly handled certain arguments in the\nimageop module. If an attacker were able to pass specially crafted\narguments through the crop function, they could execute arbitrary code with\nuser privileges. For Python 2.5, this issue only affected Ubuntu 8.04 LTS.\n(CVE-2008-4864)\n\nMultiple integer overflows were discovered in Python's stringobject and\nunicodeobject expandtabs method. If an attacker were able to exploit these\nflaws they could execute arbitrary code with user privileges or cause\nPython applications to crash, leading to a denial of service.\n(CVE-2008-5031)\";\ntag_summary = \"The remote host is missing an update to python2.5\nannounced via advisory USN-806-1.\";\n\n \n\n\nif(description)\n{\n script_id(64488);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2008-4864\", \"CVE-2008-5031\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-806-1 (python2.5)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-806-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"idle-python2.4\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-doc\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-examples\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-dbg\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-dev\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-gdbm\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-minimal\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-tk\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4\", ver:\"2.4.3-0ubuntu6.3\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-doc\", ver:\"2.4.5-1ubuntu4.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-examples\", ver:\"2.4.5-1ubuntu4.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.5-doc\", ver:\"2.5.2-2ubuntu6\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.5-examples\", ver:\"2.5.2-2ubuntu6\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"idle-python2.4\", ver:\"2.4.5-1ubuntu4.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"idle-python2.5\", ver:\"2.5.2-2ubuntu6\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-dbg\", ver:\"2.4.5-1ubuntu4.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-dev\", ver:\"2.4.5-1ubuntu4.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-minimal\", ver:\"2.4.5-1ubuntu4.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4\", ver:\"2.4.5-1ubuntu4.2\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.5-dbg\", ver:\"2.5.2-2ubuntu6\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.5-dev\", ver:\"2.5.2-2ubuntu6\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.5-minimal\", ver:\"2.5.2-2ubuntu6\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.5\", ver:\"2.5.2-2ubuntu6\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-doc\", ver:\"2.4.5-5ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-examples\", ver:\"2.4.5-5ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"idle-python2.4\", ver:\"2.4.5-5ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-dbg\", ver:\"2.4.5-5ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-dev\", ver:\"2.4.5-5ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-minimal\", ver:\"2.4.5-5ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4\", ver:\"2.4.5-5ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2008-5031"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n python\n python-curses\n python-demo\n python-devel\n python-gdbm\n python-idle\n python-tk\n python-xml\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-13T00:00:00", "id": "OPENVAS:136141256231065933", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065933", "type": "openvas", "title": "SLES10: Security update for Python", "sourceData": "#\n#VID slesp2-python-5837\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Python\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n python\n python-curses\n python-demo\n python-devel\n python-gdbm\n python-idle\n python-tk\n python-xml\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65933\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-4864\", \"CVE-2008-5031\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for Python\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-curses\", rpm:\"python-curses~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-demo\", rpm:\"python-demo~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-gdbm\", rpm:\"python-gdbm~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-idle\", rpm:\"python-idle~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-tk\", rpm:\"python-tk~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xml\", rpm:\"python-xml~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2008-5031"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n python\n python-curses\n python-demo\n python-devel\n python-gdbm\n python-idle\n python-tk\n python-xml\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-13T00:00:00", "id": "OPENVAS:65933", "href": "http://plugins.openvas.org/nasl.php?oid=65933", "type": "openvas", "title": "SLES10: Security update for Python", "sourceData": "#\n#VID slesp2-python-5837\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for Python\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n python\n python-curses\n python-demo\n python-devel\n python-gdbm\n python-idle\n python-tk\n python-xml\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65933);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2008-4864\", \"CVE-2008-5031\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for Python\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-curses\", rpm:\"python-curses~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-demo\", rpm:\"python-demo~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-gdbm\", rpm:\"python-gdbm~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-idle\", rpm:\"python-idle~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-tk\", rpm:\"python-tk~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-xml\", rpm:\"python-xml~2.4.2~18.25\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:57:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2007-4965", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-5031"], "description": "The remote host is missing an update to python\nannounced via advisory MDVSA-2009:036.", "modified": "2017-07-07T00:00:00", "published": "2009-02-13T00:00:00", "id": "OPENVAS:63373", "href": "http://plugins.openvas.org/nasl.php?oid=63373", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:036 (python)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_036.nasl 6587 2017-07-07 06:35:35Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:036 (python)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple integer overflows in imageop.c in the imageop module in\nPython 1.5.2 through 2.5.1 allow context-dependent attackers to\nbreak out of the Python VM and execute arbitrary code via large\ninteger values in certain arguments to the crop function, leading to\na buffer overflow, a different vulnerability than CVE-2007-4965 and\nCVE-2008-1679. (CVE-2008-4864)\n\nMultiple integer overflows in Python 2.5.2 and earlier allow\ncontext-dependent attackers to have an unknown impact via vectors\nrelated to the (1) stringobject, (2) unicodeobject, (3) bufferobject,\n(4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and\n(8) mmapmodule modules. NOTE: The expandtabs integer overflows in\nstringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031.\n\nMultiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6,\nallow context-dependent attackers to have an unknown impact via\na large integer value in the tabsize argument to the expandtabs\nmethod, as implemented by (1) the string_expandtabs function in\nObjects/stringobject.c and (2) the unicode_expandtabs function in\nObjects/unicodeobject.c. NOTE: this vulnerability reportedly exists\nbecause of an incomplete fix for CVE-2008-2315. (CVE-2008-5031)\n\nThe updated Python packages have been patched to correct these issues.\n\nAffected: Corporate 3.0, Multi Network Firewall 2.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:036\";\ntag_summary = \"The remote host is missing an update to python\nannounced via advisory MDVSA-2009:036.\";\n\n \n\nif(description)\n{\n script_id(63373);\n script_version(\"$Revision: 6587 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 08:35:35 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-13 20:43:17 +0100 (Fri, 13 Feb 2009)\");\n script_cve_id(\"CVE-2007-4965\", \"CVE-2008-1679\", \"CVE-2008-4864\", \"CVE-2008-5031\", \"CVE-2008-2315\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:036 (python)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpython2.3\", rpm:\"libpython2.3~2.3.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.3-devel\", rpm:\"libpython2.3-devel~2.3.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.3.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.3.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.3.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.3.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.3\", rpm:\"lib64python2.3~2.3.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.3-devel\", rpm:\"lib64python2.3-devel~2.3.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.3\", rpm:\"libpython2.3~2.3.7~0.2.M20mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.3-devel\", rpm:\"libpython2.3-devel~2.3.7~0.2.M20mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.3.7~0.2.M20mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.3.7~0.2.M20mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.3.7~0.2.M20mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.3.7~0.2.M20mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:40:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2007-4965", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-5031"], "description": "The remote host is missing an update to python\nannounced via advisory MDVSA-2009:036.", "modified": "2018-04-06T00:00:00", "published": "2009-02-13T00:00:00", "id": "OPENVAS:136141256231063373", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063373", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:036 (python)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_036.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:036 (python)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple integer overflows in imageop.c in the imageop module in\nPython 1.5.2 through 2.5.1 allow context-dependent attackers to\nbreak out of the Python VM and execute arbitrary code via large\ninteger values in certain arguments to the crop function, leading to\na buffer overflow, a different vulnerability than CVE-2007-4965 and\nCVE-2008-1679. (CVE-2008-4864)\n\nMultiple integer overflows in Python 2.5.2 and earlier allow\ncontext-dependent attackers to have an unknown impact via vectors\nrelated to the (1) stringobject, (2) unicodeobject, (3) bufferobject,\n(4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and\n(8) mmapmodule modules. NOTE: The expandtabs integer overflows in\nstringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031.\n\nMultiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6,\nallow context-dependent attackers to have an unknown impact via\na large integer value in the tabsize argument to the expandtabs\nmethod, as implemented by (1) the string_expandtabs function in\nObjects/stringobject.c and (2) the unicode_expandtabs function in\nObjects/unicodeobject.c. NOTE: this vulnerability reportedly exists\nbecause of an incomplete fix for CVE-2008-2315. (CVE-2008-5031)\n\nThe updated Python packages have been patched to correct these issues.\n\nAffected: Corporate 3.0, Multi Network Firewall 2.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:036\";\ntag_summary = \"The remote host is missing an update to python\nannounced via advisory MDVSA-2009:036.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63373\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-13 20:43:17 +0100 (Fri, 13 Feb 2009)\");\n script_cve_id(\"CVE-2007-4965\", \"CVE-2008-1679\", \"CVE-2008-4864\", \"CVE-2008-5031\", \"CVE-2008-2315\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:036 (python)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpython2.3\", rpm:\"libpython2.3~2.3.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.3-devel\", rpm:\"libpython2.3-devel~2.3.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.3.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.3.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.3.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.3.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.3\", rpm:\"lib64python2.3~2.3.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.3-devel\", rpm:\"lib64python2.3-devel~2.3.7~0.2.C30mdk\", rls:\"MNDK_3.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.3\", rpm:\"libpython2.3~2.3.7~0.2.M20mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.3-devel\", rpm:\"libpython2.3-devel~2.3.7~0.2.M20mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.3.7~0.2.M20mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.3.7~0.2.M20mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.3.7~0.2.M20mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.3.7~0.2.M20mdk\", rls:\"MNDK_2.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2007-4965", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-5031"], "description": "The remote host is missing an update to python\nannounced via advisory MDVSA-2009:003.", "modified": "2017-07-06T00:00:00", "published": "2009-01-13T00:00:00", "id": "OPENVAS:63136", "href": "http://plugins.openvas.org/nasl.php?oid=63136", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:003 (python)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_003.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:003 (python)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple integer overflows in imageop.c in the imageop module in\nPython 1.5.2 through 2.5.1 allow context-dependent attackers to\nbreak out of the Python VM and execute arbitrary code via large\ninteger values in certain arguments to the crop function, leading to\na buffer overflow, a different vulnerability than CVE-2007-4965 and\nCVE-2008-1679. (CVE-2008-4864)\n\nMultiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6,\nallow context-dependent attackers to have an unknown impact via\na large integer value in the tabsize argument to the expandtabs\nmethod, as implemented by (1) the string_expandtabs function in\nObjects/stringobject.c and (2) the unicode_expandtabs function in\nObjects/unicodeobject.c. NOTE: this vulnerability reportedly exists\nbecause of an incomplete fix for CVE-2008-2315. (CVE-2008-5031)\n\nThe updated Python packages have been patched to correct these issues.\n\nAffected: 2008.0, 2008.1, 2009.0, Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:003\";\ntag_summary = \"The remote host is missing an update to python\nannounced via advisory MDVSA-2009:003.\";\n\n \n\nif(description)\n{\n script_id(63136);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-13 22:38:32 +0100 (Tue, 13 Jan 2009)\");\n script_cve_id(\"CVE-2007-4965\", \"CVE-2008-1679\", \"CVE-2008-4864\", \"CVE-2008-2315\", \"CVE-2008-5031\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:003 (python)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpython2.5\", rpm:\"libpython2.5~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.5-devel\", rpm:\"libpython2.5-devel~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5\", rpm:\"lib64python2.5~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5-devel\", rpm:\"lib64python2.5-devel~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.5\", rpm:\"libpython2.5~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.5-devel\", rpm:\"libpython2.5-devel~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5\", rpm:\"lib64python2.5~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5-devel\", rpm:\"lib64python2.5-devel~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.5\", rpm:\"libpython2.5~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.5-devel\", rpm:\"libpython2.5-devel~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5\", rpm:\"lib64python2.5~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5-devel\", rpm:\"lib64python2.5-devel~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.4\", rpm:\"libpython2.4~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.4-devel\", rpm:\"libpython2.4-devel~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.4\", rpm:\"lib64python2.4~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.4-devel\", rpm:\"lib64python2.4-devel~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2007-4965", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-5031"], "description": "The remote host is missing an update to python\nannounced via advisory MDVSA-2009:003.", "modified": "2018-04-06T00:00:00", "published": "2009-01-13T00:00:00", "id": "OPENVAS:136141256231063136", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063136", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:003 (python)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_003.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:003 (python)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple integer overflows in imageop.c in the imageop module in\nPython 1.5.2 through 2.5.1 allow context-dependent attackers to\nbreak out of the Python VM and execute arbitrary code via large\ninteger values in certain arguments to the crop function, leading to\na buffer overflow, a different vulnerability than CVE-2007-4965 and\nCVE-2008-1679. (CVE-2008-4864)\n\nMultiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6,\nallow context-dependent attackers to have an unknown impact via\na large integer value in the tabsize argument to the expandtabs\nmethod, as implemented by (1) the string_expandtabs function in\nObjects/stringobject.c and (2) the unicode_expandtabs function in\nObjects/unicodeobject.c. NOTE: this vulnerability reportedly exists\nbecause of an incomplete fix for CVE-2008-2315. (CVE-2008-5031)\n\nThe updated Python packages have been patched to correct these issues.\n\nAffected: 2008.0, 2008.1, 2009.0, Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:003\";\ntag_summary = \"The remote host is missing an update to python\nannounced via advisory MDVSA-2009:003.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63136\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-13 22:38:32 +0100 (Tue, 13 Jan 2009)\");\n script_cve_id(\"CVE-2007-4965\", \"CVE-2008-1679\", \"CVE-2008-4864\", \"CVE-2008-2315\", \"CVE-2008-5031\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:003 (python)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libpython2.5\", rpm:\"libpython2.5~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.5-devel\", rpm:\"libpython2.5-devel~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5\", rpm:\"lib64python2.5~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5-devel\", rpm:\"lib64python2.5-devel~2.5.2~2.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.5\", rpm:\"libpython2.5~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.5-devel\", rpm:\"libpython2.5-devel~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5\", rpm:\"lib64python2.5~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5-devel\", rpm:\"lib64python2.5-devel~2.5.2~2.3mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.5\", rpm:\"libpython2.5~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.5-devel\", rpm:\"libpython2.5-devel~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5\", rpm:\"lib64python2.5~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.5-devel\", rpm:\"lib64python2.5-devel~2.5.2~5.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.4\", rpm:\"libpython2.4~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpython2.4-devel\", rpm:\"libpython2.4-devel~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.4\", rpm:\"lib64python2.4~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64python2.4-devel\", rpm:\"lib64python2.4-devel~2.4.5~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864"], "description": "This host has Python installed and is prone to buffer overflow\n vulnerability.", "modified": "2017-02-20T00:00:00", "published": "2008-11-11T00:00:00", "id": "OPENVAS:800052", "href": "http://plugins.openvas.org/nasl.php?oid=800052", "type": "openvas", "title": "Python Imageop Module imageop.crop() BOF Vulnerability (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_python_imageop_bof_vuln_win.nasl 5370 2017-02-20 15:24:26Z cfi $\n#\n# Python Imageop Module imageop.crop() BOF Vulnerability (Windows)\n#\n# Authors:\n# Chandan S <schandan@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2008 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Remote exploitation will allow execution of arbitrary code via large number\n of integer values to crop module, which leads to a buffer overflow\n (Segmentation fault).\n Impact Level: Application\";\ntag_affected = \"Python 1.5.2 to 2.5.1 on Windows\";\ntag_insight = \"The flaw exists due the the way module imageop.crop() handles the arguments\n as input in imageop.c file.\";\ntag_solution = \"Upgrade to Python 2.5.2\n http://www.python.org/\";\ntag_summary = \"This host has Python installed and is prone to buffer overflow\n vulnerability.\";\n\nif(description)\n{\n script_id(800052);\n script_version(\"$Revision: 5370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-20 16:24:26 +0100 (Mon, 20 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-11-11 09:00:11 +0100 (Tue, 11 Nov 2008)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2008-4864\");\n script_bugtraq_id(31976);\n script_name(\"Python Imageop Module imageop.crop() BOF Vulnerability (Windows)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2008 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"secpod_reg_enum.nasl\");\n script_mandatory_keys(\"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(!(get_kb_item(\"SMB/WindowsVersion\"))){\n exit(0);\n}\n\nkey = \"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\\";\n\nif(!registry_key_exists(key:key)){\n exit(0);\n}\n\nforeach entry (registry_enum_keys(key:key))\n{\n pyName = registry_get_sz(key:key + entry, item:\"DisplayName\");\n if(\"Python\" >< pyName)\n {\n pyVer = eregmatch(pattern:\"[0-9.]+\", string:pyName);\n if(pyVer != NULL)\n {\n if(version_in_range(version:pyVer[0], test_version:\"1.5.2\",\n test_version2:\"2.5.1\")){\n security_message(0);\n }\n }\n exit(0);\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-11-13T20:25:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864"], "description": "This host has Python installed and is prone to buffer overflow\n vulnerability.", "modified": "2019-11-12T00:00:00", "published": "2008-11-11T00:00:00", "id": "OPENVAS:1361412562310800052", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310800052", "type": "openvas", "title": "Python Imageop Module imageop.crop() BOF Vulnerability (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Python Imageop Module imageop.crop() BOF Vulnerability (Windows)\n#\n# Authors:\n# Chandan S <schandan@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2008 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:python:python\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.800052\");\n script_version(\"2019-11-12T13:34:01+0000\");\n script_cve_id(\"CVE-2008-4864\");\n script_bugtraq_id(31976);\n script_tag(name:\"last_modification\", value:\"2019-11-12 13:34:01 +0000 (Tue, 12 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2008-11-11 09:00:11 +0100 (Tue, 11 Nov 2008)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Python Imageop Module imageop.crop() BOF Vulnerability (Windows)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2008 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_python_detect_win.nasl\");\n script_mandatory_keys(\"python/win/detected\");\n\n script_xref(name:\"URL\", value:\"http://www.python.org/\");\n\n script_tag(name:\"impact\", value:\"Remote exploitation will allow execution of arbitrary code via large number\n of integer values to crop module, which leads to a buffer overflow\n (Segmentation fault).\");\n\n script_tag(name:\"affected\", value:\"Python 1.5.2 to 2.5.1 on Windows\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due the the way module imageop.crop() handles the arguments\n as input in imageop.c file.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Python 2.5.2 or later.\");\n\n script_tag(name:\"summary\", value:\"This host has Python installed and is prone to buffer overflow\n vulnerability.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) )\n exit( 0 );\n\nvers = infos['version'];\npath = infos['location'];\n\nif( version_in_range( version:vers, test_version:\"1.5.2\", test_version2:\"2.5.1\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"2.5.2\", install_path:path );\n security_message( port:0, data:report );\n}\n\nexit( 0 );\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-09T00:23:57", "bulletinFamily": "unix", "cvelist": ["CVE-2008-4864", "CVE-2008-5031"], "description": "It was discovered that Python incorrectly handled certain arguments in the \nimageop module. If an attacker were able to pass specially crafted \narguments through the crop function, they could execute arbitrary code with \nuser privileges. For Python 2.5, this issue only affected Ubuntu 8.04 LTS. \n(CVE-2008-4864)\n\nMultiple integer overflows were discovered in Python's stringobject and \nunicodeobject expandtabs method. If an attacker were able to exploit these \nflaws they could execute arbitrary code with user privileges or cause \nPython applications to crash, leading to a denial of service. \n(CVE-2008-5031)", "edition": 5, "modified": "2009-07-23T00:00:00", "published": "2009-07-23T00:00:00", "id": "USN-806-1", "href": "https://ubuntu.com/security/notices/USN-806-1", "title": "Python vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-17T14:02:18", "description": "Integer overflows in the python imageop module and in the expandtabs\nmethod potentially allowed attackers to execute arbitrary code.\n(CVE-2008-4864, CVE-2008-5031)", "edition": 23, "published": "2009-09-24T00:00:00", "title": "SuSE9 Security Update : Python (YOU Patch Number 12316)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2008-5031"], "modified": "2009-09-24T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12316.NASL", "href": "https://www.tenable.com/plugins/nessus/41260", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41260);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4864\", \"CVE-2008-5031\");\n\n script_name(english:\"SuSE9 Security Update : Python (YOU Patch Number 12316)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Integer overflows in the python imageop module and in the expandtabs\nmethod potentially allowed attackers to execute arbitrary code.\n(CVE-2008-4864, CVE-2008-5031)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4864.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5031.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12316.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"python-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-curses-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-demo-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-devel-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-doc-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-doc-pdf-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-gdbm-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-idle-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-mpz-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-tk-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"python-xml-2.3.3-88.26\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"python-32bit-9-200812011728\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:47:00", "description": "Integer Overflows in the python imageop module and in the expandtabs\nmethod potentially allowed attackers to execute arbitrary code.\n(CVE-2008-4864 / CVE-2008-5031)", "edition": 23, "published": "2009-09-24T00:00:00", "title": "SuSE 10 Security Update : Python (ZYPP Patch Number 5837)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2008-5031"], "modified": "2009-09-24T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_PYTHON-5837.NASL", "href": "https://www.tenable.com/plugins/nessus/41581", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41581);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4864\", \"CVE-2008-5031\");\n\n script_name(english:\"SuSE 10 Security Update : Python (ZYPP Patch Number 5837)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Integer Overflows in the python imageop module and in the expandtabs\nmethod potentially allowed attackers to execute arbitrary code.\n(CVE-2008-4864 / CVE-2008-5031)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-4864.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2008-5031.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 5837.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"python-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"python-curses-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"python-devel-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"python-gdbm-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"python-tk-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"python-xml-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"python-32bit-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"python-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"python-curses-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"python-demo-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"python-devel-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"python-gdbm-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"python-idle-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"python-tk-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"python-xml-2.4.2-18.25\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"python-32bit-2.4.2-18.25\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T15:44:40", "description": "It was discovered that Python incorrectly handled certain arguments in\nthe imageop module. If an attacker were able to pass specially crafted\narguments through the crop function, they could execute arbitrary code\nwith user privileges. For Python 2.5, this issue only affected Ubuntu\n8.04 LTS. (CVE-2008-4864)\n\nMultiple integer overflows were discovered in Python's stringobject\nand unicodeobject expandtabs method. If an attacker were able to\nexploit these flaws they could execute arbitrary code with user\nprivileges or cause Python applications to crash, leading to a denial\nof service. (CVE-2008-5031).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "published": "2009-07-24T00:00:00", "title": "Ubuntu 6.06 LTS / 8.04 LTS / 8.10 : python2.4, python2.5 vulnerabilities (USN-806-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2008-2315", "CVE-2008-5031"], "modified": "2009-07-24T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python2.4-dev", "p-cpe:/a:canonical:ubuntu_linux:python2.4-minimal", "p-cpe:/a:canonical:ubuntu_linux:python2.4-doc", "p-cpe:/a:canonical:ubuntu_linux:idle-python2.5", "p-cpe:/a:canonical:ubuntu_linux:python2.4", "p-cpe:/a:canonical:ubuntu_linux:python2.5", "p-cpe:/a:canonical:ubuntu_linux:idle-python2.4", "p-cpe:/a:canonical:ubuntu_linux:python2.5-minimal", "p-cpe:/a:canonical:ubuntu_linux:python2.4-examples", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:python2.4-gdbm", "p-cpe:/a:canonical:ubuntu_linux:python2.5-dev", "p-cpe:/a:canonical:ubuntu_linux:python2.4-dbg", "p-cpe:/a:canonical:ubuntu_linux:python2.5-doc", "cpe:/o:canonical:ubuntu_linux:8.10", "p-cpe:/a:canonical:ubuntu_linux:python2.4-tk", "p-cpe:/a:canonical:ubuntu_linux:python2.5-dbg", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "p-cpe:/a:canonical:ubuntu_linux:python2.5-examples"], "id": "UBUNTU_USN-806-1.NASL", "href": "https://www.tenable.com/plugins/nessus/40361", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-806-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40361);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2008-2315\", \"CVE-2008-4864\", \"CVE-2008-5031\");\n script_bugtraq_id(31932, 31976, 33187);\n script_xref(name:\"USN\", value:\"806-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 : python2.4, python2.5 vulnerabilities (USN-806-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Python incorrectly handled certain arguments in\nthe imageop module. If an attacker were able to pass specially crafted\narguments through the crop function, they could execute arbitrary code\nwith user privileges. For Python 2.5, this issue only affected Ubuntu\n8.04 LTS. (CVE-2008-4864)\n\nMultiple integer overflows were discovered in Python's stringobject\nand unicodeobject expandtabs method. If an attacker were able to\nexploit these flaws they could execute arbitrary code with user\nprivileges or cause Python applications to crash, leading to a denial\nof service. (CVE-2008-5031).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/806-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:idle-python2.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:idle-python2.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-gdbm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.5-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.5-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.5-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.5-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|8\\.04|8\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 8.04 / 8.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"idle-python2.4\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-dbg\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-dev\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-doc\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-examples\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-gdbm\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-minimal\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"python2.4-tk\", pkgver:\"2.4.3-0ubuntu6.3\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"idle-python2.4\", pkgver:\"2.4.5-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"idle-python2.5\", pkgver:\"2.5.2-2ubuntu6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.4\", pkgver:\"2.4.5-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.4-dbg\", pkgver:\"2.4.5-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.4-dev\", pkgver:\"2.4.5-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.4-doc\", pkgver:\"2.4.5-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.4-examples\", pkgver:\"2.4.5-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.4-minimal\", pkgver:\"2.4.5-1ubuntu4.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.5\", pkgver:\"2.5.2-2ubuntu6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.5-dbg\", pkgver:\"2.5.2-2ubuntu6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.5-dev\", pkgver:\"2.5.2-2ubuntu6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.5-doc\", pkgver:\"2.5.2-2ubuntu6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.5-examples\", pkgver:\"2.5.2-2ubuntu6\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.5-minimal\", pkgver:\"2.5.2-2ubuntu6\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"idle-python2.4\", pkgver:\"2.4.5-5ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"python2.4\", pkgver:\"2.4.5-5ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"python2.4-dbg\", pkgver:\"2.4.5-5ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"python2.4-dev\", pkgver:\"2.4.5-5ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"python2.4-doc\", pkgver:\"2.4.5-5ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"python2.4-examples\", pkgver:\"2.4.5-5ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"python2.4-minimal\", pkgver:\"2.4.5-5ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"idle-python2.4 / idle-python2.5 / python2.4 / python2.4-dbg / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T11:52:01", "description": "Multiple integer overflows in imageop.c in the imageop module in\nPython 1.5.2 through 2.5.1 allow context-dependent attackers to break\nout of the Python VM and execute arbitrary code via large integer\nvalues in certain arguments to the crop function, leading to a buffer\noverflow, a different vulnerability than CVE-2007-4965 and\nCVE-2008-1679. (CVE-2008-4864)\n\nMultiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6,\nallow context-dependent attackers to have an unknown impact via a\nlarge integer value in the tabsize argument to the expandtabs method,\nas implemented by (1) the string_expandtabs function in\nObjects/stringobject.c and (2) the unicode_expandtabs function in\nObjects/unicodeobject.c. NOTE: this vulnerability reportedly exists\nbecause of an incomplete fix for CVE-2008-2315. (CVE-2008-5031)\n\nThe updated Python packages have been patched to correct these issues.", "edition": 24, "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : python (MDVSA-2009:003)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864", "CVE-2007-4965", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-5031"], "modified": "2009-04-23T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64python2.5-devel", "p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:libpython2.5-devel", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:tkinter-apps", "p-cpe:/a:mandriva:linux:python-docs", "cpe:/o:mandriva:linux:2008.1", "p-cpe:/a:mandriva:linux:python", "cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:lib64python2.5", "p-cpe:/a:mandriva:linux:python-base", "p-cpe:/a:mandriva:linux:libpython2.5"], "id": "MANDRIVA_MDVSA-2009-003.NASL", "href": "https://www.tenable.com/plugins/nessus/36693", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:003. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36693);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-4864\", \"CVE-2008-5031\");\n script_bugtraq_id(31976);\n script_xref(name:\"MDVSA\", value:\"2009:003\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2009:003)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple integer overflows in imageop.c in the imageop module in\nPython 1.5.2 through 2.5.1 allow context-dependent attackers to break\nout of the Python VM and execute arbitrary code via large integer\nvalues in certain arguments to the crop function, leading to a buffer\noverflow, a different vulnerability than CVE-2007-4965 and\nCVE-2008-1679. (CVE-2008-4864)\n\nMultiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6,\nallow context-dependent attackers to have an unknown impact via a\nlarge integer value in the tabsize argument to the expandtabs method,\nas implemented by (1) the string_expandtabs function in\nObjects/stringobject.c and (2) the unicode_expandtabs function in\nObjects/unicodeobject.c. NOTE: this vulnerability reportedly exists\nbecause of an incomplete fix for CVE-2008-2315. (CVE-2008-5031)\n\nThe updated Python packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython2.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython2.5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64python2.5-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64python2.5-devel-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libpython2.5-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libpython2.5-devel-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"python-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"python-base-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"python-docs-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tkinter-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tkinter-apps-2.5.2-2.3mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64python2.5-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"x86_64\", reference:\"lib64python2.5-devel-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libpython2.5-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", cpu:\"i386\", reference:\"libpython2.5-devel-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"python-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"python-base-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"python-docs-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tkinter-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"tkinter-apps-2.5.2-2.3mdv2008.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64python2.5-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64python2.5-devel-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libpython2.5-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libpython2.5-devel-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"python-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"python-base-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"python-docs-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tkinter-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tkinter-apps-2.5.2-5.2mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:03:40", "description": "Integer Overflows in the python imageop module potentially allowed\nattackers to execute arbitrary code (CVE-2008-4864).", "edition": 23, "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : python (python-360)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864"], "modified": "2009-07-21T00:00:00", "cpe": ["cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:python-idle", "p-cpe:/a:novell:opensuse:python-curses", "p-cpe:/a:novell:opensuse:python-32bit", "p-cpe:/a:novell:opensuse:python-gdbm", "p-cpe:/a:novell:opensuse:python", "p-cpe:/a:novell:opensuse:python-xml", "p-cpe:/a:novell:opensuse:python-tk", "p-cpe:/a:novell:opensuse:python-demo", "p-cpe:/a:novell:opensuse:python-devel"], "id": "SUSE_11_0_PYTHON-081201.NASL", "href": "https://www.tenable.com/plugins/nessus/40116", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update python-360.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40116);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4864\");\n\n script_name(english:\"openSUSE Security Update : python (python-360)\");\n script_summary(english:\"Check for the python-360 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Integer Overflows in the python imageop module potentially allowed\nattackers to execute arbitrary code (CVE-2008-4864).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=444989\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-curses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-gdbm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"python-2.5.2-26.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"python-curses-2.5.2-26.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"python-demo-2.5.2-26.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"python-devel-2.5.2-26.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"python-gdbm-2.5.2-26.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"python-idle-2.5.2-26.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"python-tk-2.5.2-26.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"python-xml-2.5.2-26.4\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"python-32bit-2.5.2-26.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-32bit / python-curses / python-demo / python-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:47:00", "description": "Integer Overflows in the python imageop module potentially allowed\nattackers to execute arbitrary code (CVE-2008-4864).", "edition": 23, "published": "2009-01-11T00:00:00", "title": "openSUSE 10 Security Update : python (python-5848)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-4864"], "modified": "2009-01-11T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.3", "p-cpe:/a:novell:opensuse:python-idle", "p-cpe:/a:novell:opensuse:python-curses", "p-cpe:/a:novell:opensuse:python-32bit", "p-cpe:/a:novell:opensuse:python-gdbm", "p-cpe:/a:novell:opensuse:python", "p-cpe:/a:novell:opensuse:python-xml", "p-cpe:/a:novell:opensuse:python-tk", "p-cpe:/a:novell:opensuse:python-demo", "p-cpe:/a:novell:opensuse:python-devel"], "id": "SUSE_PYTHON-5848.NASL", "href": "https://www.tenable.com/plugins/nessus/35332", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update python-5848.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35332);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-4864\");\n\n script_name(english:\"openSUSE 10 Security Update : python (python-5848)\");\n script_summary(english:\"Check for the python-5848 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Integer Overflows in the python imageop module potentially allowed\nattackers to execute arbitrary code (CVE-2008-4864).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-curses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-gdbm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"python-2.5.1-39.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"python-curses-2.5.1-39.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"python-demo-2.5.1-39.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"python-devel-2.5.1-39.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"python-gdbm-2.5.1-39.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"python-idle-2.5.1-39.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"python-tk-2.5.1-39.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"python-xml-2.5.1-39.8\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"python-32bit-2.5.1-39.8\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-32bit / python-curses / python-demo / python-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:52:33", "description": "The remote host is affected by the vulnerability described in GLSA-200907-16\n(Python: Integer overflows)\n\n Chris Evans reported multiple integer overflows in the expandtabs\n method, as implemented by (1) the string_expandtabs function in\n Objects/stringobject.c and (2) the unicode_expandtabs function in\n Objects/unicodeobject.c.\n \nImpact :\n\n A remote attacker could exploit these vulnerabilities in Python\n applications or daemons that pass user-controlled input to vulnerable\n functions. The security impact is currently unknown but may include the\n execution of arbitrary code or a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 24, "published": "2009-07-20T00:00:00", "title": "GLSA-200907-16 : Python: Integer overflows", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-5031"], "modified": "2009-07-20T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:python"], "id": "GENTOO_GLSA-200907-16.NASL", "href": "https://www.tenable.com/plugins/nessus/39870", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200907-16.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39870);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-5031\");\n script_bugtraq_id(33187);\n script_xref(name:\"GLSA\", value:\"200907-16\");\n\n script_name(english:\"GLSA-200907-16 : Python: Integer overflows\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200907-16\n(Python: Integer overflows)\n\n Chris Evans reported multiple integer overflows in the expandtabs\n method, as implemented by (1) the string_expandtabs function in\n Objects/stringobject.c and (2) the unicode_expandtabs function in\n Objects/unicodeobject.c.\n \nImpact :\n\n A remote attacker could exploit these vulnerabilities in Python\n applications or daemons that pass user-controlled input to vulnerable\n functions. The security impact is currently unknown but may include the\n execution of arbitrary code or a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200907-16\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Python 2.5 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/python-2.5.4-r2'\n All Python 2.4 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/python-2.4.6'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-lang/python\", unaffected:make_list(\"ge 2.5.4-r2\", \"rge 2.4.6\"), vulnerable:make_list(\"lt 2.5.4-r2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Python\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:44:39", "description": "From Red Hat Security Advisory 2009:1178 :\n\nUpdated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw\nwas revealed in the Python string object implementation that led to a\nbuffer overflow. The missing check for negative size values meant the\nPython memory allocator could allocate less memory than expected. This\ncould result in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python\nUnicode string processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial\nof service (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop\nmodule. If a Python application used the imageop module to process\nuntrusted images, it could cause the application to crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2008-1679, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws\nto cause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules.\nAn attacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nRed Hat would like to thank David Remahl of the Apple Product Security\nteam for responsibly reporting the CVE-2008-1679 and CVE-2008-2315\nissues.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.", "edition": 26, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 : python (ELSA-2009-1178)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3143", "CVE-2008-4864", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-1887", "CVE-2008-5031"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:tkinter", "p-cpe:/a:oracle:linux:python", "p-cpe:/a:oracle:linux:python-tools", "cpe:/o:oracle:linux:3", "p-cpe:/a:oracle:linux:python-devel"], "id": "ORACLELINUX_ELSA-2009-1178.NASL", "href": "https://www.tenable.com/plugins/nessus/67898", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1178 and \n# Oracle Linux Security Advisory ELSA-2009-1178 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67898);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1679\", \"CVE-2008-1887\", \"CVE-2008-2315\", \"CVE-2008-3142\", \"CVE-2008-3143\", \"CVE-2008-3144\", \"CVE-2008-4864\", \"CVE-2008-5031\");\n script_bugtraq_id(28715, 28749, 30491, 31932, 31976, 33187);\n script_xref(name:\"RHSA\", value:\"2009:1178\");\n\n script_name(english:\"Oracle Linux 3 : python (ELSA-2009-1178)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1178 :\n\nUpdated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw\nwas revealed in the Python string object implementation that led to a\nbuffer overflow. The missing check for negative size values meant the\nPython memory allocator could allocate less memory than expected. This\ncould result in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python\nUnicode string processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial\nof service (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop\nmodule. If a Python application used the imageop module to process\nuntrusted images, it could cause the application to crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2008-1679, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws\nto cause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules.\nAn attacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nRed Hat would like to thank David Remahl of the Apple Product Security\nteam for responsibly reporting the CVE-2008-1679 and CVE-2008-2315\nissues.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-July/001092.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"python-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"python-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"python-devel-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"python-devel-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"python-tools-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"python-tools-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"tkinter-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"tkinter-2.2.3-6.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-devel / python-tools / tkinter\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:44:27", "description": "When the assert() system call was disabled, an input sanitization flaw\nwas revealed in the Python string object implementation that led to a\nbuffer overflow. The missing check for negative size values meant the\nPython memory allocator could allocate less memory than expected. This\ncould result in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python\nUnicode string processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial\nof service (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop\nmodule. If a Python application used the imageop module to process\nuntrusted images, it could cause the application to crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2008-1679, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws\nto cause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules.\nAn attacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nWould like to thank David Remahl of the Apple Product Security team\nfor responsibly reporting the CVE-2008-1679 and CVE-2008-2315 issues.", "edition": 26, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : python for SL 3.0.x on i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3143", "CVE-2008-4864", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-1887", "CVE-2008-5031"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090728_PYTHON_FOR_SL_3_0_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60624", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60624);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-1679\", \"CVE-2008-1887\", \"CVE-2008-2315\", \"CVE-2008-3142\", \"CVE-2008-3143\", \"CVE-2008-3144\", \"CVE-2008-4864\", \"CVE-2008-5031\");\n\n script_name(english:\"Scientific Linux Security Update : python for SL 3.0.x on i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"When the assert() system call was disabled, an input sanitization flaw\nwas revealed in the Python string object implementation that led to a\nbuffer overflow. The missing check for negative size values meant the\nPython memory allocator could allocate less memory than expected. This\ncould result in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python\nUnicode string processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial\nof service (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop\nmodule. If a Python application used the imageop module to process\nuntrusted images, it could cause the application to crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2008-1679, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws\nto cause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules.\nAn attacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nWould like to thank David Remahl of the Apple Product Security team\nfor responsibly reporting the CVE-2008-1679 and CVE-2008-2315 issues.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0907&L=scientific-linux-errata&T=0&P=2408\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?492e1514\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"python-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"python-devel-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"SL3\", cpu:\"i386\", reference:\"python-docs-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"python-tools-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"SL3\", reference:\"tkinter-2.2.3-6.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:25:50", "description": "Updated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw\nwas revealed in the Python string object implementation that led to a\nbuffer overflow. The missing check for negative size values meant the\nPython memory allocator could allocate less memory than expected. This\ncould result in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python\nUnicode string processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial\nof service (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop\nmodule. If a Python application used the imageop module to process\nuntrusted images, it could cause the application to crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2008-1679, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws\nto cause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules.\nAn attacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nRed Hat would like to thank David Remahl of the Apple Product Security\nteam for responsibly reporting the CVE-2008-1679 and CVE-2008-2315\nissues.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.", "edition": 28, "published": "2009-07-28T00:00:00", "title": "CentOS 3 : python (CESA-2009:1178)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3143", "CVE-2008-4864", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-1887", "CVE-2008-5031"], "modified": "2009-07-28T00:00:00", "cpe": ["p-cpe:/a:centos:centos:tkinter", "p-cpe:/a:centos:centos:python-devel", "p-cpe:/a:centos:centos:python", "p-cpe:/a:centos:centos:python-docs", "p-cpe:/a:centos:centos:python-tools", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2009-1178.NASL", "href": "https://www.tenable.com/plugins/nessus/40394", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1178 and \n# CentOS Errata and Security Advisory 2009:1178 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40394);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-1679\", \"CVE-2008-1887\", \"CVE-2008-2315\", \"CVE-2008-3142\", \"CVE-2008-3143\", \"CVE-2008-3144\", \"CVE-2008-4864\", \"CVE-2008-5031\");\n script_bugtraq_id(28715, 28749, 30491, 31932, 31976, 33187);\n script_xref(name:\"RHSA\", value:\"2009:1178\");\n\n script_name(english:\"CentOS 3 : python (CESA-2009:1178)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw\nwas revealed in the Python string object implementation that led to a\nbuffer overflow. The missing check for negative size values meant the\nPython memory allocator could allocate less memory than expected. This\ncould result in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python\nUnicode string processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial\nof service (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop\nmodule. If a Python application used the imageop module to process\nuntrusted images, it could cause the application to crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2008-1679, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws\nto cause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules.\nAn attacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nRed Hat would like to thank David Remahl of the Apple Product Security\nteam for responsibly reporting the CVE-2008-1679 and CVE-2008-2315\nissues.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-July/016040.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fe2ccaf6\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-July/016041.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dfc5e7af\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/04/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"python-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"python-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"python-devel-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"python-devel-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"python-docs-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"python-docs-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"python-tools-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"python-tools-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"tkinter-2.2.3-6.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"tkinter-2.2.3-6.11\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-devel / python-docs / python-tools / tkinter\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "exploitdb": [{"lastseen": "2016-02-01T12:04:55", "description": "Python < 2.5.2 Imageop Module - 'imageop.crop()' Buffer Overflow Vulnerability. CVE-2008-4864. Dos exploits for multiple platform", "published": "2009-11-24T00:00:00", "type": "exploitdb", "title": "Python < 2.5.2 Imageop Module - 'imageop.crop' Buffer Overflow Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-4864"], "modified": "2009-11-24T00:00:00", "id": "EDB-ID:10229", "href": "https://www.exploit-db.com/exploits/10229/", "sourceData": "Python's 'imageop' module is prone to a buffer-overflow vulnerability.\r\n\r\nSuccessful exploits may allow attackers to execute arbitrary code in the context of applications using the vulnerable Python module. This may result in a compromise of the underlying system. Failed attempts may lead to a denial-of-service condition.\r\n\r\nThis issue affects versions prior to Python 2.5.2. \r\n\r\nBugtraq ID: \t 31976\r\nClass: \tBoundary Condition Error\r\nCVE: \tCVE-2008-4864\r\nPublished: \tOct 29 2008 12:00AM\r\nUpdated: \tNov 24 2009 07:56PM\r\nCredit: \tChris Evans\r\nVulnerable: \tVMWare vMA 4.0\r\nVMWare ESX Server 3.0.3\r\nVMWare ESX Server 2.5.5\r\nVMWare ESX Server 4.0\r\nVMWare ESX Server 3.5\r\nUbuntu Ubuntu Linux 8.10 sparc\r\nUbuntu Ubuntu Linux 8.10 powerpc\r\nUbuntu Ubuntu Linux 8.10 lpia\r\nUbuntu Ubuntu Linux 8.10 i386\r\nUbuntu Ubuntu Linux 8.10 amd64\r\nUbuntu Ubuntu Linux 8.04 LTS sparc\r\nUbuntu Ubuntu Linux 8.04 LTS powerpc\r\nUbuntu Ubuntu Linux 8.04 LTS lpia\r\nUbuntu Ubuntu Linux 8.04 LTS i386\r\nUbuntu Ubuntu Linux 8.04 LTS amd64\r\nUbuntu Ubuntu Linux 6.06 LTS sparc\r\nUbuntu Ubuntu Linux 6.06 LTS powerpc\r\nUbuntu Ubuntu Linux 6.06 LTS i386\r\nUbuntu Ubuntu Linux 6.06 LTS amd64\r\nS.u.S.E. SUSE Linux Enterprise Server 10 SP2\r\nS.u.S.E. SUSE Linux Enterprise Desktop 10 SP2\r\nS.u.S.E. SLE SDK 10 SP2\r\nS.u.S.E. openSUSE 11.1\r\nS.u.S.E. openSUSE 11.0\r\nS.u.S.E. openSUSE 10.3\r\nS.u.S.E. Open-Enterprise-Server 0\r\nS.u.S.E. Novell Linux POS 9\r\nS.u.S.E. Novell Linux Desktop 9\r\nRedHat Enterprise Linux WS 4\r\nRedHat Enterprise Linux WS 3\r\nRedHat Enterprise Linux ES 4\r\nRedHat Enterprise Linux ES 3\r\nRedHat Enterprise Linux Desktop Workstation 5 client\r\nRedHat Enterprise Linux Desktop 5 client\r\nRedHat Enterprise Linux AS 4\r\nRedHat Enterprise Linux AS 3\r\nRedHat Enterprise Linux Desktop version 4\r\nRedHat Enterprise Linux 5 server\r\nRedHat Desktop 3.0\r\nPython Software Foundation Python 2.5.1\r\nPython Software Foundation Python 2.4.5\r\nPython Software Foundation Python 2.4.4 r14\r\nPython Software Foundation Python 2.4.4\r\nPython Software Foundation Python 2.4.3\r\n+ Trustix Secure Linux 3.0.5\r\nPython Software Foundation Python 2.4.2\r\nPython Software Foundation Python 2.4.1\r\nPython Software Foundation Python 2.4\r\nPython Software Foundation Python 2.3.6\r\nPython Software Foundation Python 2.3.5\r\nPython Software Foundation Python 2.3.4\r\nPython Software Foundation Python 2.3.3\r\nPython Software Foundation Python 2.3.2\r\nPython Software Foundation Python 2.3.1\r\nPython Software Foundation Python 2.3 b1\r\nPython Software Foundation Python 2.3\r\nPython Software Foundation Python 2.2.3\r\n+ RedHat Desktop 3.0\r\n+ RedHat Enterprise Linux AS 3\r\n+ RedHat Enterprise Linux ES 3\r\n+ RedHat Enterprise Linux WS 3\r\n+ Ubuntu Ubuntu Linux 4.1 ppc\r\n+ Ubuntu Ubuntu Linux 4.1 ia64\r\n+ Ubuntu Ubuntu Linux 4.1 ia32\r\nPython Software Foundation Python 2.2.2\r\n+ OpenPKG OpenPKG 1.2\r\n+ RedHat Linux 7.3\r\n+ S.u.S.E. Linux Personal 8.2\r\nPython Software Foundation Python 2.2.1\r\nPython Software Foundation Python 2.2\r\n+ Conectiva Linux 8.0\r\n+ MandrakeSoft Linux Mandrake 8.2 ppc\r\n+ MandrakeSoft Linux Mandrake 8.2\r\n+ MandrakeSoft Linux Mandrake 8.1 ia64\r\n+ MandrakeSoft Linux Mandrake 8.1\r\nPython Software Foundation Python 2.1.3\r\n+ Debian Linux 3.0\r\nPython Software Foundation Python 2.1.2\r\nPython Software Foundation Python 2.1.1\r\nPython Software Foundation Python 2.1\r\nPython Software Foundation Python 2.0.1\r\nPython Software Foundation Python 2.0\r\n+ MandrakeSoft Linux Mandrake 8.0 ppc\r\n+ MandrakeSoft Linux Mandrake 8.0\r\nPython Software Foundation Python 1.6.1\r\nPython Software Foundation Python 1.6\r\nPython Software Foundation Python 1.5.2\r\nPython Software Foundation Python 2.5\r\nMandrakeSoft Multi Network Firewall 2.0\r\nMandrakeSoft Linux Mandrake 2009.0 x86_64\r\nMandrakeSoft Linux Mandrake 2009.0\r\nMandrakeSoft Linux Mandrake 2008.1 x86_64\r\nMandrakeSoft Linux Mandrake 2008.1\r\nMandrakeSoft Linux Mandrake 2008.0 x86_64\r\nMandrakeSoft Linux Mandrake 2008.0\r\nMandrakeSoft Corporate Server 4.0 x86_64\r\nMandrakeSoft Corporate Server 3.0 x86_64\r\nMandrakeSoft Corporate Server 3.0\r\nMandrakeSoft Corporate Server 4.0\r\nApple Mac OS X Server 10.5.6\r\nApple Mac OS X Server 10.5.5\r\nApple Mac OS X Server 10.5.4\r\nApple Mac OS X Server 10.5.3\r\nApple Mac OS X Server 10.5.2\r\nApple Mac OS X Server 10.5.1\r\nApple Mac OS X Server 10.4.11\r\nApple Mac OS X Server 10.4.11\r\nApple Mac OS X Server 10.4.10\r\nApple Mac OS X Server 10.4.9\r\nApple Mac OS X Server 10.4.8\r\nApple Mac OS X Server 10.4.7\r\nApple Mac OS X Server 10.4.6\r\nApple Mac OS X Server 10.4.5\r\nApple Mac OS X Server 10.4.4\r\nApple Mac OS X Server 10.4.3\r\nApple Mac OS X Server 10.4.2\r\nApple Mac OS X Server 10.4.1\r\nApple Mac OS X Server 10.4\r\nApple Mac OS X Server 10.5\r\nApple Mac OS X 10.5.6\r\nApple Mac OS X 10.5.5\r\nApple Mac OS X 10.5.4\r\nApple Mac OS X 10.5.3\r\nApple Mac OS X 10.5.2\r\nApple Mac OS X 10.5.1\r\nApple Mac OS X 10.4.11\r\nApple Mac OS X 10.4.11\r\nApple Mac OS X 10.4.10\r\nApple Mac OS X 10.4.9\r\nApple Mac OS X 10.4.8\r\nApple Mac OS X 10.4.7\r\nApple Mac OS X 10.4.6\r\nApple Mac OS X 10.4.5\r\nApple Mac OS X 10.4.4\r\nApple Mac OS X 10.4.3\r\nApple Mac OS X 10.4.2\r\nApple Mac OS X 10.4.1\r\nApple Mac OS X 10.4\r\nApple Mac OS X 10.5\r\nNot Vulnerable: \tVMWare vMA 4.0 Patch 2\r\nPython Software Foundation Python 2.5.2 \r\n\r\nPOC:\r\n\r\nimport imageop\r\ns = ''\r\nimageop.crop(s, 1, 65536, 65536, 0, 0, 65536, 65536) ", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/10229/"}, {"lastseen": "2016-02-03T17:12:56", "description": "Python 2.5.2 'Imageop' Module Argument Validation Buffer Overflow Vulnerability. CVE-2008-4864. Dos exploit for unix platform", "published": "2008-10-27T00:00:00", "type": "exploitdb", "title": "Python <= 2.5.2 - 'Imageop' Module Argument Validation Buffer Overflow Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-4864"], "modified": "2008-10-27T00:00:00", "id": "EDB-ID:32534", "href": "https://www.exploit-db.com/exploits/32534/", "sourceData": "source: http://www.securityfocus.com/bid/31932/info\r\n\r\nPython's 'imageop' module is prone to a buffer-overflow vulnerability.\r\n\r\nSuccessful exploits may allow attackers to execute arbitrary code in the context of applications using the vulnerable Python modules. This may result in a compromise of the underlying system. Failed attempts may lead to a denial-of-service condition.\r\n\r\nThese issues affect versions prior to Python 2.5.2-r6. \r\n\r\nimport imageop\r\ns = ''\r\nimageop.crop(s, 1, 65536, 65536, 0, 0, 65536, 65536) ", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/32534/"}], "seebug": [{"lastseen": "2017-11-19T13:36:53", "description": "No description provided by source.", "published": "2014-07-01T00:00:00", "title": "Python < 2.5.2 Imageop Module - 'imageop.crop()' Buffer Overflow Vulnerability", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-4864"], "modified": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-67092", "id": "SSV:67092", "sourceData": "\n Python's 'imageop' module is prone to a buffer-overflow vulnerability.\r\n\r\nSuccessful exploits may allow attackers to execute arbitrary code in the context of applications using the vulnerable Python module. This may result in a compromise of the underlying system. Failed attempts may lead to a denial-of-service condition.\r\n\r\nThis issue affects versions prior to Python 2.5.2. \r\n\r\nBugtraq ID: \t 31976\r\nClass: \tBoundary Condition Error\r\nCVE: \tCVE-2008-4864\r\nPublished: \tOct 29 2008 12:00AM\r\nUpdated: \tNov 24 2009 07:56PM\r\nCredit: \tChris Evans\r\nVulnerable: \tVMWare vMA 4.0\r\nVMWare ESX Server 3.0.3\r\nVMWare ESX Server 2.5.5\r\nVMWare ESX Server 4.0\r\nVMWare ESX Server 3.5\r\nUbuntu Ubuntu Linux 8.10 sparc\r\nUbuntu Ubuntu Linux 8.10 powerpc\r\nUbuntu Ubuntu Linux 8.10 lpia\r\nUbuntu Ubuntu Linux 8.10 i386\r\nUbuntu Ubuntu Linux 8.10 amd64\r\nUbuntu Ubuntu Linux 8.04 LTS sparc\r\nUbuntu Ubuntu Linux 8.04 LTS powerpc\r\nUbuntu Ubuntu Linux 8.04 LTS lpia\r\nUbuntu Ubuntu Linux 8.04 LTS i386\r\nUbuntu Ubuntu Linux 8.04 LTS amd64\r\nUbuntu Ubuntu Linux 6.06 LTS sparc\r\nUbuntu Ubuntu Linux 6.06 LTS powerpc\r\nUbuntu Ubuntu Linux 6.06 LTS i386\r\nUbuntu Ubuntu Linux 6.06 LTS amd64\r\nS.u.S.E. SUSE Linux Enterprise Server 10 SP2\r\nS.u.S.E. SUSE Linux Enterprise Desktop 10 SP2\r\nS.u.S.E. SLE SDK 10 SP2\r\nS.u.S.E. openSUSE 11.1\r\nS.u.S.E. openSUSE 11.0\r\nS.u.S.E. openSUSE 10.3\r\nS.u.S.E. Open-Enterprise-Server 0\r\nS.u.S.E. Novell Linux POS 9\r\nS.u.S.E. Novell Linux Desktop 9\r\nRedHat Enterprise Linux WS 4\r\nRedHat Enterprise Linux WS 3\r\nRedHat Enterprise Linux ES 4\r\nRedHat Enterprise Linux ES 3\r\nRedHat Enterprise Linux Desktop Workstation 5 client\r\nRedHat Enterprise Linux Desktop 5 client\r\nRedHat Enterprise Linux AS 4\r\nRedHat Enterprise Linux AS 3\r\nRedHat Enterprise Linux Desktop version 4\r\nRedHat Enterprise Linux 5 server\r\nRedHat Desktop 3.0\r\nPython Software Foundation Python 2.5.1\r\nPython Software Foundation Python 2.4.5\r\nPython Software Foundation Python 2.4.4 r14\r\nPython Software Foundation Python 2.4.4\r\nPython Software Foundation Python 2.4.3\r\n+ Trustix Secure Linux 3.0.5\r\nPython Software Foundation Python 2.4.2\r\nPython Software Foundation Python 2.4.1\r\nPython Software Foundation Python 2.4\r\nPython Software Foundation Python 2.3.6\r\nPython Software Foundation Python 2.3.5\r\nPython Software Foundation Python 2.3.4\r\nPython Software Foundation Python 2.3.3\r\nPython Software Foundation Python 2.3.2\r\nPython Software Foundation Python 2.3.1\r\nPython Software Foundation Python 2.3 b1\r\nPython Software Foundation Python 2.3\r\nPython Software Foundation Python 2.2.3\r\n+ RedHat Desktop 3.0\r\n+ RedHat Enterprise Linux AS 3\r\n+ RedHat Enterprise Linux ES 3\r\n+ RedHat Enterprise Linux WS 3\r\n+ Ubuntu Ubuntu Linux 4.1 ppc\r\n+ Ubuntu Ubuntu Linux 4.1 ia64\r\n+ Ubuntu Ubuntu Linux 4.1 ia32\r\nPython Software Foundation Python 2.2.2\r\n+ OpenPKG OpenPKG 1.2\r\n+ RedHat Linux 7.3\r\n+ S.u.S.E. Linux Personal 8.2\r\nPython Software Foundation Python 2.2.1\r\nPython Software Foundation Python 2.2\r\n+ Conectiva Linux 8.0\r\n+ MandrakeSoft Linux Mandrake 8.2 ppc\r\n+ MandrakeSoft Linux Mandrake 8.2\r\n+ MandrakeSoft Linux Mandrake 8.1 ia64\r\n+ MandrakeSoft Linux Mandrake 8.1\r\nPython Software Foundation Python 2.1.3\r\n+ Debian Linux 3.0\r\nPython Software Foundation Python 2.1.2\r\nPython Software Foundation Python 2.1.1\r\nPython Software Foundation Python 2.1\r\nPython Software Foundation Python 2.0.1\r\nPython Software Foundation Python 2.0\r\n+ MandrakeSoft Linux Mandrake 8.0 ppc\r\n+ MandrakeSoft Linux Mandrake 8.0\r\nPython Software Foundation Python 1.6.1\r\nPython Software Foundation Python 1.6\r\nPython Software Foundation Python 1.5.2\r\nPython Software Foundation Python 2.5\r\nMandrakeSoft Multi Network Firewall 2.0\r\nMandrakeSoft Linux Mandrake 2009.0 x86_64\r\nMandrakeSoft Linux Mandrake 2009.0\r\nMandrakeSoft Linux Mandrake 2008.1 x86_64\r\nMandrakeSoft Linux Mandrake 2008.1\r\nMandrakeSoft Linux Mandrake 2008.0 x86_64\r\nMandrakeSoft Linux Mandrake 2008.0\r\nMandrakeSoft Corporate Server 4.0 x86_64\r\nMandrakeSoft Corporate Server 3.0 x86_64\r\nMandrakeSoft Corporate Server 3.0\r\nMandrakeSoft Corporate Server 4.0\r\nApple Mac OS X Server 10.5.6\r\nApple Mac OS X Server 10.5.5\r\nApple Mac OS X Server 10.5.4\r\nApple Mac OS X Server 10.5.3\r\nApple Mac OS X Server 10.5.2\r\nApple Mac OS X Server 10.5.1\r\nApple Mac OS X Server 10.4.11\r\nApple Mac OS X Server 10.4.11\r\nApple Mac OS X Server 10.4.10\r\nApple Mac OS X Server 10.4.9\r\nApple Mac OS X Server 10.4.8\r\nApple Mac OS X Server 10.4.7\r\nApple Mac OS X Server 10.4.6\r\nApple Mac OS X Server 10.4.5\r\nApple Mac OS X Server 10.4.4\r\nApple Mac OS X Server 10.4.3\r\nApple Mac OS X Server 10.4.2\r\nApple Mac OS X Server 10.4.1\r\nApple Mac OS X Server 10.4\r\nApple Mac OS X Server 10.5\r\nApple Mac OS X 10.5.6\r\nApple Mac OS X 10.5.5\r\nApple Mac OS X 10.5.4\r\nApple Mac OS X 10.5.3\r\nApple Mac OS X 10.5.2\r\nApple Mac OS X 10.5.1\r\nApple Mac OS X 10.4.11\r\nApple Mac OS X 10.4.11\r\nApple Mac OS X 10.4.10\r\nApple Mac OS X 10.4.9\r\nApple Mac OS X 10.4.8\r\nApple Mac OS X 10.4.7\r\nApple Mac OS X 10.4.6\r\nApple Mac OS X 10.4.5\r\nApple Mac OS X 10.4.4\r\nApple Mac OS X 10.4.3\r\nApple Mac OS X 10.4.2\r\nApple Mac OS X 10.4.1\r\nApple Mac OS X 10.4\r\nApple Mac OS X 10.5\r\nNot Vulnerable: \tVMWare vMA 4.0 Patch 2\r\nPython Software Foundation Python 2.5.2 \r\n\r\nPOC:\r\n\r\nimport imageop\r\ns = ''\r\nimageop.crop(s, 1, 65536, 65536, 0, 0, 65536, 65536) \n ", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-67092"}, {"lastseen": "2017-11-19T18:29:43", "description": "No description provided by source.", "published": "2009-11-24T00:00:00", "type": "seebug", "title": "Python < 2.5.2 Imageop Module 'imageop.crop()' Buffer Overflow Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-4864"], "modified": "2009-11-24T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-18331", "id": "SSV:18331", "sourceData": "\n Python's 'imageop' module is prone to a buffer-overflow vulnerability.\r\n\r\nSuccessful exploits may allow attackers to execute arbitrary code in the context of applications using the vulnerable Python module. This may result in a compromise of the underlying system. Failed attempts may lead to a denial-of-service condition.\r\n\r\nThis issue affects versions prior to Python 2.5.2. \r\n\r\nBugtraq ID: \t 31976\r\nClass: \tBoundary Condition Error\r\nCVE: \tCVE-2008-4864\r\nPublished: \tOct 29 2008 12:00AM\r\nUpdated: \tNov 24 2009 07:56PM\r\nCredit: \tChris Evans\r\nVulnerable: \tVMWare vMA 4.0\r\nVMWare ESX Server 3.0.3\r\nVMWare ESX Server 2.5.5\r\nVMWare ESX Server 4.0\r\nVMWare ESX Server 3.5\r\nUbuntu Ubuntu Linux 8.10 sparc\r\nUbuntu Ubuntu Linux 8.10 powerpc\r\nUbuntu Ubuntu Linux 8.10 lpia\r\nUbuntu Ubuntu Linux 8.10 i386\r\nUbuntu Ubuntu Linux 8.10 amd64\r\nUbuntu Ubuntu Linux 8.04 LTS sparc\r\nUbuntu Ubuntu Linux 8.04 LTS powerpc\r\nUbuntu Ubuntu Linux 8.04 LTS lpia\r\nUbuntu Ubuntu Linux 8.04 LTS i386\r\nUbuntu Ubuntu Linux 8.04 LTS amd64\r\nUbuntu Ubuntu Linux 6.06 LTS sparc\r\nUbuntu Ubuntu Linux 6.06 LTS powerpc\r\nUbuntu Ubuntu Linux 6.06 LTS i386\r\nUbuntu Ubuntu Linux 6.06 LTS amd64\r\nS.u.S.E. SUSE Linux Enterprise Server 10 SP2\r\nS.u.S.E. SUSE Linux Enterprise Desktop 10 SP2\r\nS.u.S.E. SLE SDK 10 SP2\r\nS.u.S.E. openSUSE 11.1\r\nS.u.S.E. openSUSE 11.0\r\nS.u.S.E. openSUSE 10.3\r\nS.u.S.E. Open-Enterprise-Server 0\r\nS.u.S.E. Novell Linux POS 9\r\nS.u.S.E. Novell Linux Desktop 9\r\nRedHat Enterprise Linux WS 4\r\nRedHat Enterprise Linux WS 3\r\nRedHat Enterprise Linux ES 4\r\nRedHat Enterprise Linux ES 3\r\nRedHat Enterprise Linux Desktop Workstation 5 client\r\nRedHat Enterprise Linux Desktop 5 client\r\nRedHat Enterprise Linux AS 4\r\nRedHat Enterprise Linux AS 3\r\nRedHat Enterprise Linux Desktop version 4\r\nRedHat Enterprise Linux 5 server\r\nRedHat Desktop 3.0\r\nPython Software Foundation Python 2.5.1\r\nPython Software Foundation Python 2.4.5\r\nPython Software Foundation Python 2.4.4 r14\r\nPython Software Foundation Python 2.4.4\r\nPython Software Foundation Python 2.4.3\r\n+ Trustix Secure Linux 3.0.5\r\nPython Software Foundation Python 2.4.2\r\nPython Software Foundation Python 2.4.1\r\nPython Software Foundation Python 2.4\r\nPython Software Foundation Python 2.3.6\r\nPython Software Foundation Python 2.3.5\r\nPython Software Foundation Python 2.3.4\r\nPython Software Foundation Python 2.3.3\r\nPython Software Foundation Python 2.3.2\r\nPython Software Foundation Python 2.3.1\r\nPython Software Foundation Python 2.3 b1\r\nPython Software Foundation Python 2.3\r\nPython Software Foundation Python 2.2.3\r\n+ RedHat Desktop 3.0\r\n+ RedHat Enterprise Linux AS 3\r\n+ RedHat Enterprise Linux ES 3\r\n+ RedHat Enterprise Linux WS 3\r\n+ Ubuntu Ubuntu Linux 4.1 ppc\r\n+ Ubuntu Ubuntu Linux 4.1 ia64\r\n+ Ubuntu Ubuntu Linux 4.1 ia32\r\nPython Software Foundation Python 2.2.2\r\n+ OpenPKG OpenPKG 1.2\r\n+ RedHat Linux 7.3\r\n+ S.u.S.E. Linux Personal 8.2\r\nPython Software Foundation Python 2.2.1\r\nPython Software Foundation Python 2.2\r\n+ Conectiva Linux 8.0\r\n+ MandrakeSoft Linux Mandrake 8.2 ppc\r\n+ MandrakeSoft Linux Mandrake 8.2\r\n+ MandrakeSoft Linux Mandrake 8.1 ia64\r\n+ MandrakeSoft Linux Mandrake 8.1\r\nPython Software Foundation Python 2.1.3\r\n+ Debian Linux 3.0\r\nPython Software Foundation Python 2.1.2\r\nPython Software Foundation Python 2.1.1\r\nPython Software Foundation Python 2.1\r\nPython Software Foundation Python 2.0.1\r\nPython Software Foundation Python 2.0\r\n+ MandrakeSoft Linux Mandrake 8.0 ppc\r\n+ MandrakeSoft Linux Mandrake 8.0\r\nPython Software Foundation Python 1.6.1\r\nPython Software Foundation Python 1.6\r\nPython Software Foundation Python 1.5.2\r\nPython Software Foundation Python 2.5\r\nMandrakeSoft Multi Network Firewall 2.0\r\nMandrakeSoft Linux Mandrake 2009.0 x86_64\r\nMandrakeSoft Linux Mandrake 2009.0\r\nMandrakeSoft Linux Mandrake 2008.1 x86_64\r\nMandrakeSoft Linux Mandrake 2008.1\r\nMandrakeSoft Linux Mandrake 2008.0 x86_64\r\nMandrakeSoft Linux Mandrake 2008.0\r\nMandrakeSoft Corporate Server 4.0 x86_64\r\nMandrakeSoft Corporate Server 3.0 x86_64\r\nMandrakeSoft Corporate Server 3.0\r\nMandrakeSoft Corporate Server 4.0\r\nApple Mac OS X Server 10.5.6\r\nApple Mac OS X Server 10.5.5\r\nApple Mac OS X Server 10.5.4\r\nApple Mac OS X Server 10.5.3\r\nApple Mac OS X Server 10.5.2\r\nApple Mac OS X Server 10.5.1\r\nApple Mac OS X Server 10.4.11\r\nApple Mac OS X Server 10.4.11\r\nApple Mac OS X Server 10.4.10\r\nApple Mac OS X Server 10.4.9\r\nApple Mac OS X Server 10.4.8\r\nApple Mac OS X Server 10.4.7\r\nApple Mac OS X Server 10.4.6\r\nApple Mac OS X Server 10.4.5\r\nApple Mac OS X Server 10.4.4\r\nApple Mac OS X Server 10.4.3\r\nApple Mac OS X Server 10.4.2\r\nApple Mac OS X Server 10.4.1\r\nApple Mac OS X Server 10.4\r\nApple Mac OS X Server 10.5\r\nApple Mac OS X 10.5.6\r\nApple Mac OS X 10.5.5\r\nApple Mac OS X 10.5.4\r\nApple Mac OS X 10.5.3\r\nApple Mac OS X 10.5.2\r\nApple Mac OS X 10.5.1\r\nApple Mac OS X 10.4.11\r\nApple Mac OS X 10.4.11\r\nApple Mac OS X 10.4.10\r\nApple Mac OS X 10.4.9\r\nApple Mac OS X 10.4.8\r\nApple Mac OS X 10.4.7\r\nApple Mac OS X 10.4.6\r\nApple Mac OS X 10.4.5\r\nApple Mac OS X 10.4.4\r\nApple Mac OS X 10.4.3\r\nApple Mac OS X 10.4.2\r\nApple Mac OS X 10.4.1\r\nApple Mac OS X 10.4\r\nApple Mac OS X 10.5\r\nNot Vulnerable: \tVMWare vMA 4.0 Patch 2\r\nPython Software Foundation Python 2.5.2 \r\n\r\nPOC:\r\n\r\nimport imageop\r\ns = ''\r\nimageop.crop(s, 1, 65536, 65536, 0, 0, 65536, 65536) \n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-18331", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-11-19T17:46:45", "description": "Bugtraq ID:33187\r\nCVE ID: CVE-2008-5031\r\n\r\nPython\u662f\u4e00\u6b3e\u5f00\u653e\u6e90\u4ee3\u7801\u7684\u811a\u672c\u7f16\u7a0b\u8bed\u8a00\u3002\r\nPython\u5b58\u5728\u591a\u4e2a\u6574\u6570\u6ea2\u51fa\uff0c\u5141\u8bb8\u4e0a\u4e0b\u6587\u72ec\u7acb\u7684\u653b\u51fb\u8005\u5411expandtabs\u65b9\u6cd5\u63d0\u4ea4\u5305\u542b\u8d85\u5927\u6574\u6570\u503c\u7684tabsize\u53c2\u6570\u89e6\u53d1\u3002\u5176\u4e2dObjects/stringobject.c\u4e2d\u7684string_expandtabs\u51fd\u6570\u548cObjects/unicodeobject.c\u4e2d\u7684unicode_expandtabs\u51fd\u6570\u5b9e\u73b0\u53d7\u6b64\u6f0f\u6d1e\u5f71\u54cd\u3002\n0\nPython 2.2.3 - 2.5.1\r\nPython 2.6\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\n\r\n\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://svn.python.org/view/python/trunk/Objects/unicodeobject.c?rev=61350&view=diff&r1=61350&r2=61349&p1=python/trunk/Objects/unicodeobject.c&p2=/python/trunk/Objects/unicodeobject.c\r\nhttp://svn.python.org/view/python/trunk/Objects/stringobject.c?rev=61350&view=diff&r1=61350&r2=61349&p1=python/trunk/Objects/stringobject.c&p2=/python/trunk/Objects/stringobject.c", "published": "2013-02-03T00:00:00", "title": "Python 'expandtabs'\u591a\u4e2a\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-5031"], "modified": "2013-02-03T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60622", "id": "SSV:60622", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": ""}], "exploitpack": [{"lastseen": "2020-04-01T19:04:44", "description": "\nPython 2.5.2 Imageop Module - imageop.crop() Buffer Overflow", "edition": 1, "published": "2009-11-24T00:00:00", "title": "Python 2.5.2 Imageop Module - imageop.crop() Buffer Overflow", "type": "exploitpack", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-4864"], "modified": "2009-11-24T00:00:00", "id": "EXPLOITPACK:6F4BE7377CBDEC35F258FFC9DEA11116", "href": "", "sourceData": "Python's 'imageop' module is prone to a buffer-overflow vulnerability.\n\nSuccessful exploits may allow attackers to execute arbitrary code in the context of applications using the vulnerable Python module. This may result in a compromise of the underlying system. Failed attempts may lead to a denial-of-service condition.\n\nThis issue affects versions prior to Python 2.5.2. \n\nBugtraq ID: \t 31976\nClass: \tBoundary Condition Error\nCVE: \tCVE-2008-4864\nPublished: \tOct 29 2008 12:00AM\nUpdated: \tNov 24 2009 07:56PM\nCredit: \tChris Evans\nVulnerable: \tVMWare vMA 4.0\nVMWare ESX Server 3.0.3\nVMWare ESX Server 2.5.5\nVMWare ESX Server 4.0\nVMWare ESX Server 3.5\nUbuntu Ubuntu Linux 8.10 sparc\nUbuntu Ubuntu Linux 8.10 powerpc\nUbuntu Ubuntu Linux 8.10 lpia\nUbuntu Ubuntu Linux 8.10 i386\nUbuntu Ubuntu Linux 8.10 amd64\nUbuntu Ubuntu Linux 8.04 LTS sparc\nUbuntu Ubuntu Linux 8.04 LTS powerpc\nUbuntu Ubuntu Linux 8.04 LTS lpia\nUbuntu Ubuntu Linux 8.04 LTS i386\nUbuntu Ubuntu Linux 8.04 LTS amd64\nUbuntu Ubuntu Linux 6.06 LTS sparc\nUbuntu Ubuntu Linux 6.06 LTS powerpc\nUbuntu Ubuntu Linux 6.06 LTS i386\nUbuntu Ubuntu Linux 6.06 LTS amd64\nS.u.S.E. SUSE Linux Enterprise Server 10 SP2\nS.u.S.E. SUSE Linux Enterprise Desktop 10 SP2\nS.u.S.E. SLE SDK 10 SP2\nS.u.S.E. openSUSE 11.1\nS.u.S.E. openSUSE 11.0\nS.u.S.E. openSUSE 10.3\nS.u.S.E. Open-Enterprise-Server 0\nS.u.S.E. Novell Linux POS 9\nS.u.S.E. Novell Linux Desktop 9\nRedHat Enterprise Linux WS 4\nRedHat Enterprise Linux WS 3\nRedHat Enterprise Linux ES 4\nRedHat Enterprise Linux ES 3\nRedHat Enterprise Linux Desktop Workstation 5 client\nRedHat Enterprise Linux Desktop 5 client\nRedHat Enterprise Linux AS 4\nRedHat Enterprise Linux AS 3\nRedHat Enterprise Linux Desktop version 4\nRedHat Enterprise Linux 5 server\nRedHat Desktop 3.0\nPython Software Foundation Python 2.5.1\nPython Software Foundation Python 2.4.5\nPython Software Foundation Python 2.4.4 r14\nPython Software Foundation Python 2.4.4\nPython Software Foundation Python 2.4.3\n+ Trustix Secure Linux 3.0.5\nPython Software Foundation Python 2.4.2\nPython Software Foundation Python 2.4.1\nPython Software Foundation Python 2.4\nPython Software Foundation Python 2.3.6\nPython Software Foundation Python 2.3.5\nPython Software Foundation Python 2.3.4\nPython Software Foundation Python 2.3.3\nPython Software Foundation Python 2.3.2\nPython Software Foundation Python 2.3.1\nPython Software Foundation Python 2.3 b1\nPython Software Foundation Python 2.3\nPython Software Foundation Python 2.2.3\n+ RedHat Desktop 3.0\n+ RedHat Enterprise Linux AS 3\n+ RedHat Enterprise Linux ES 3\n+ RedHat Enterprise Linux WS 3\n+ Ubuntu Ubuntu Linux 4.1 ppc\n+ Ubuntu Ubuntu Linux 4.1 ia64\n+ Ubuntu Ubuntu Linux 4.1 ia32\nPython Software Foundation Python 2.2.2\n+ OpenPKG OpenPKG 1.2\n+ RedHat Linux 7.3\n+ S.u.S.E. Linux Personal 8.2\nPython Software Foundation Python 2.2.1\nPython Software Foundation Python 2.2\n+ Conectiva Linux 8.0\n+ MandrakeSoft Linux Mandrake 8.2 ppc\n+ MandrakeSoft Linux Mandrake 8.2\n+ MandrakeSoft Linux Mandrake 8.1 ia64\n+ MandrakeSoft Linux Mandrake 8.1\nPython Software Foundation Python 2.1.3\n+ Debian Linux 3.0\nPython Software Foundation Python 2.1.2\nPython Software Foundation Python 2.1.1\nPython Software Foundation Python 2.1\nPython Software Foundation Python 2.0.1\nPython Software Foundation Python 2.0\n+ MandrakeSoft Linux Mandrake 8.0 ppc\n+ MandrakeSoft Linux Mandrake 8.0\nPython Software Foundation Python 1.6.1\nPython Software Foundation Python 1.6\nPython Software Foundation Python 1.5.2\nPython Software Foundation Python 2.5\nMandrakeSoft Multi Network Firewall 2.0\nMandrakeSoft Linux Mandrake 2009.0 x86_64\nMandrakeSoft Linux Mandrake 2009.0\nMandrakeSoft Linux Mandrake 2008.1 x86_64\nMandrakeSoft Linux Mandrake 2008.1\nMandrakeSoft Linux Mandrake 2008.0 x86_64\nMandrakeSoft Linux Mandrake 2008.0\nMandrakeSoft Corporate Server 4.0 x86_64\nMandrakeSoft Corporate Server 3.0 x86_64\nMandrakeSoft Corporate Server 3.0\nMandrakeSoft Corporate Server 4.0\nApple Mac OS X Server 10.5.6\nApple Mac OS X Server 10.5.5\nApple Mac OS X Server 10.5.4\nApple Mac OS X Server 10.5.3\nApple Mac OS X Server 10.5.2\nApple Mac OS X Server 10.5.1\nApple Mac OS X Server 10.4.11\nApple Mac OS X Server 10.4.11\nApple Mac OS X Server 10.4.10\nApple Mac OS X Server 10.4.9\nApple Mac OS X Server 10.4.8\nApple Mac OS X Server 10.4.7\nApple Mac OS X Server 10.4.6\nApple Mac OS X Server 10.4.5\nApple Mac OS X Server 10.4.4\nApple Mac OS X Server 10.4.3\nApple Mac OS X Server 10.4.2\nApple Mac OS X Server 10.4.1\nApple Mac OS X Server 10.4\nApple Mac OS X Server 10.5\nApple Mac OS X 10.5.6\nApple Mac OS X 10.5.5\nApple Mac OS X 10.5.4\nApple Mac OS X 10.5.3\nApple Mac OS X 10.5.2\nApple Mac OS X 10.5.1\nApple Mac OS X 10.4.11\nApple Mac OS X 10.4.11\nApple Mac OS X 10.4.10\nApple Mac OS X 10.4.9\nApple Mac OS X 10.4.8\nApple Mac OS X 10.4.7\nApple Mac OS X 10.4.6\nApple Mac OS X 10.4.5\nApple Mac OS X 10.4.4\nApple Mac OS X 10.4.3\nApple Mac OS X 10.4.2\nApple Mac OS X 10.4.1\nApple Mac OS X 10.4\nApple Mac OS X 10.5\nNot Vulnerable: \tVMWare vMA 4.0 Patch 2\nPython Software Foundation Python 2.5.2 \n\nPOC:\n\nimport imageop\ns = ''\nimageop.crop(s, 1, 65536, 65536, 0, 0, 65536, 65536)", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:08", "bulletinFamily": "unix", "cvelist": ["CVE-2008-5031"], "description": "### Background\n\nPython is an interpreted, interactive, object-oriented programming language. \n\n### Description\n\nChris Evans reported multiple integer overflows in the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. \n\n### Impact\n\nA remote attacker could exploit these vulnerabilities in Python applications or daemons that pass user-controlled input to vulnerable functions. The security impact is currently unknown but may include the execution of arbitrary code or a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Python 2.5 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/python-2.5.4-r2\"\n\nAll Python 2.4 users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/python-2.4.6\"", "edition": 1, "modified": "2009-07-19T00:00:00", "published": "2009-07-19T00:00:00", "id": "GLSA-200907-16", "href": "https://security.gentoo.org/glsa/200907-16", "type": "gentoo", "title": "Python: Integer overflows", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2019-08-13T18:44:36", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1679", "CVE-2008-1887", "CVE-2008-2315", "CVE-2008-3142", "CVE-2008-3143", "CVE-2008-3144", "CVE-2008-4864", "CVE-2008-5031"], "description": "Python is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw was\nrevealed in the Python string object implementation that led to a buffer\noverflow. The missing check for negative size values meant the Python\nmemory allocator could allocate less memory than expected. This could\nresult in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python Unicode\nstring processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial of\nservice (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop module. If\na Python application used the imageop module to process untrusted images,\nit could cause the application to crash or, potentially, execute arbitrary\ncode with the Python interpreter's privileges. (CVE-2008-1679,\nCVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws to\ncause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules. An\nattacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nRed Hat would like to thank David Remahl of the Apple Product Security team\nfor responsibly reporting the CVE-2008-1679 and CVE-2008-2315 issues.\n\nAll Python users should upgrade to these updated packages, which contain\nbackported patches to correct these issues.", "modified": "2018-05-26T04:26:17", "published": "2009-07-27T04:00:00", "id": "RHSA-2009:1178", "href": "https://access.redhat.com/errata/RHSA-2009:1178", "type": "redhat", "title": "(RHSA-2009:1178) Moderate: python security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:28", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1679", "CVE-2008-1721", "CVE-2008-1887", "CVE-2008-2315", "CVE-2008-3142", "CVE-2008-3143", "CVE-2008-3144", "CVE-2008-4864", "CVE-2008-5031"], "description": "Python is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw was\nrevealed in the Python string object implementation that led to a buffer\noverflow. The missing check for negative size values meant the Python\nmemory allocator could allocate less memory than expected. This could\nresult in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python Unicode\nstring processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial of\nservice (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop module. If\na Python application used the imageop module to process untrusted images,\nit could cause the application to crash or, potentially, execute arbitrary\ncode with the Python interpreter's privileges. (CVE-2008-1679,\nCVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws to\ncause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules. An\nattacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nAn integer signedness error, leading to a buffer overflow, was found\nin the Python zlib extension module. If a Python application requested\nthe negative byte count be flushed for a decompression stream, it could\ncause the application to crash or, potentially, execute arbitrary code\nwith the Python interpreter's privileges. (CVE-2008-1721)\n\nRed Hat would like to thank David Remahl of the Apple Product Security team\nfor responsibly reporting the CVE-2008-1679 and CVE-2008-2315 issues.\n\nAll Python users should upgrade to these updated packages, which contain\nbackported patches to correct these issues.", "modified": "2017-09-08T11:50:33", "published": "2009-07-27T04:00:00", "id": "RHSA-2009:1177", "href": "https://access.redhat.com/errata/RHSA-2009:1177", "type": "redhat", "title": "(RHSA-2009:1177) Moderate: python security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:33", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2052", "CVE-2007-4965", "CVE-2008-1721", "CVE-2008-1887", "CVE-2008-2315", "CVE-2008-3142", "CVE-2008-3143", "CVE-2008-3144", "CVE-2008-4864", "CVE-2008-5031"], "description": "Python is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw was\nrevealed in the Python string object implementation that led to a buffer\noverflow. The missing check for negative size values meant the Python\nmemory allocator could allocate less memory than expected. This could\nresult in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python Unicode\nstring processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial of\nservice (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop module. If\na Python application used the imageop module to process untrusted images,\nit could cause the application to disclose sensitive information, crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2007-4965, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws to\ncause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules. An\nattacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nAn integer signedness error, leading to a buffer overflow, was found\nin the Python zlib extension module. If a Python application requested\nthe negative byte count be flushed for a decompression stream, it could\ncause the application to crash or, potentially, execute arbitrary code\nwith the Python interpreter's privileges. (CVE-2008-1721)\n\nA flaw was discovered in the strxfrm() function of the Python locale\nmodule. Strings generated by this function were not properly\nNULL-terminated, which could possibly cause disclosure of data stored in\nthe memory of a Python application using this function. (CVE-2007-2052)\n\nRed Hat would like to thank David Remahl of the Apple Product Security team\nfor responsibly reporting the CVE-2008-2315 issue.\n\nAll Python users should upgrade to these updated packages, which contain\nbackported patches to correct these issues.", "modified": "2017-09-08T12:10:58", "published": "2009-07-27T04:00:00", "id": "RHSA-2009:1176", "href": "https://access.redhat.com/errata/RHSA-2009:1176", "type": "redhat", "title": "(RHSA-2009:1176) Moderate: python security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:27:58", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3143", "CVE-2008-4864", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-1887", "CVE-2008-5031"], "description": "**CentOS Errata and Security Advisory** CESA-2009:1178\n\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw was\nrevealed in the Python string object implementation that led to a buffer\noverflow. The missing check for negative size values meant the Python\nmemory allocator could allocate less memory than expected. This could\nresult in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python Unicode\nstring processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial of\nservice (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop module. If\na Python application used the imageop module to process untrusted images,\nit could cause the application to crash or, potentially, execute arbitrary\ncode with the Python interpreter's privileges. (CVE-2008-1679,\nCVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws to\ncause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules. An\nattacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nRed Hat would like to thank David Remahl of the Apple Product Security team\nfor responsibly reporting the CVE-2008-1679 and CVE-2008-2315 issues.\n\nAll Python users should upgrade to these updated packages, which contain\nbackported patches to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-July/028078.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-July/028079.html\n\n**Affected packages:**\npython\npython-devel\npython-docs\npython-tools\ntkinter\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1178.html", "edition": 4, "modified": "2009-07-27T15:26:24", "published": "2009-07-27T15:25:44", "href": "http://lists.centos.org/pipermail/centos-announce/2009-July/028078.html", "id": "CESA-2009:1178", "title": "python, tkinter security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:24:11", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2052", "CVE-2008-1721", "CVE-2008-3143", "CVE-2008-4864", "CVE-2007-4965", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1887", "CVE-2008-5031"], "description": "**CentOS Errata and Security Advisory** CESA-2009:1176\n\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nWhen the assert() system call was disabled, an input sanitization flaw was\nrevealed in the Python string object implementation that led to a buffer\noverflow. The missing check for negative size values meant the Python\nmemory allocator could allocate less memory than expected. This could\nresult in arbitrary code execution with the Python interpreter's\nprivileges. (CVE-2008-1887)\n\nMultiple buffer and integer overflow flaws were found in the Python Unicode\nstring processing and in the Python Unicode and string object\nimplementations. An attacker could use these flaws to cause a denial of\nservice (Python application crash). (CVE-2008-3142, CVE-2008-5031)\n\nMultiple integer overflow flaws were found in the Python imageop module. If\na Python application used the imageop module to process untrusted images,\nit could cause the application to disclose sensitive information, crash or,\npotentially, execute arbitrary code with the Python interpreter's\nprivileges. (CVE-2007-4965, CVE-2008-4864)\n\nMultiple integer underflow and overflow flaws were found in the Python\nsnprintf() wrapper implementation. An attacker could use these flaws to\ncause a denial of service (memory corruption). (CVE-2008-3144)\n\nMultiple integer overflow flaws were found in various Python modules. An\nattacker could use these flaws to cause a denial of service (Python\napplication crash). (CVE-2008-2315, CVE-2008-3143)\n\nAn integer signedness error, leading to a buffer overflow, was found\nin the Python zlib extension module. If a Python application requested\nthe negative byte count be flushed for a decompression stream, it could\ncause the application to crash or, potentially, execute arbitrary code\nwith the Python interpreter's privileges. (CVE-2008-1721)\n\nA flaw was discovered in the strxfrm() function of the Python locale\nmodule. Strings generated by this function were not properly\nNULL-terminated, which could possibly cause disclosure of data stored in\nthe memory of a Python application using this function. (CVE-2007-2052)\n\nRed Hat would like to thank David Remahl of the Apple Product Security team\nfor responsibly reporting the CVE-2008-2315 issue.\n\nAll Python users should upgrade to these updated packages, which contain\nbackported patches to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-July/028088.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-July/028089.html\n\n**Affected packages:**\npython\npython-devel\npython-tools\ntkinter\n\n**Upstream details at:**\n", "edition": 3, "modified": "2009-07-29T17:31:50", "published": "2009-07-29T17:31:50", "href": "http://lists.centos.org/pipermail/centos-announce/2009-July/028088.html", "id": "CESA-2009:1176", "title": "python, tkinter security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:57", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3143", "CVE-2008-4864", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-1887", "CVE-2008-5031"], "description": "[2.2.3-6.11]\n- Fix all of the low priority security bugs:\n- Resolves: rhbz#486114\n- Multiple integer overflows in python core (CVE-2008-2315)\n- Resolves: 455008\n- PyString_FromStringAndSize does not check for negative size values (CVE-2008-1887)\n- Resolves: 443810\n- Multiple integer overflows discovered by Google (CVE-2008-3143) \n- Resolves: 455013\n- Multiple buffer overflows in unicode processing (CVE-2008-3142)\n- Resolves: 454990\n- Potential integer underflow and overflow in the PyOS_vsnprintf C API function (CVE-2008-3144)\n- Resolves: 455018\n- imageop module multiple integer overflows (CVE-2008-4864)\n- Resolves: 469656\n- stringobject, unicodeobject integer overflows (CVE-2008-5031)\n- Resolves: 470915\n- imageop module integer overflows (CVE-2008-1679)\n- CVE-2008-1679 patch is part of python-2.2.3-CVE-2008-4864-imageop-1.patch\n- Resolves: 441306", "edition": 4, "modified": "2009-07-27T00:00:00", "published": "2009-07-27T00:00:00", "id": "ELSA-2009-1178", "href": "http://linux.oracle.com/errata/ELSA-2009-1178.html", "title": "python security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:40", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1721", "CVE-2008-3143", "CVE-2008-4864", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1679", "CVE-2008-1887", "CVE-2008-5031"], "description": "[2.3.4-14.7.el4_8.2]\n- Fix all of the low priority security bugs:\n- Resolves: rhbz#486329\n- Multiple integer overflows in python core (CVE-2008-2315)\n- Resolves: 455008 \n- PyString_FromStringAndSize does not check for negative size values (CVE-2008-1887)\n- Resolves: 443810\n- Multiple integer overflows discovered by Google (CVE-2008-3143)\n- Resolves: 455013 \n- Multiple buffer overflows in unicode processing (CVE-2008-3142)\n- Resolves: 454990\n- Potential integer underflow and overflow in the PyOS_vsnprintf C API function (CVE-2008-3144)\n- Resolves: 455018\n- imageop module multiple integer overflows (CVE-2008-4864)\n- Resolves: 469656\n- stringobject, unicodeobject integer overflows (CVE-2008-5031)\n- Resolves: 470915\n- integer signedness error in the zlib extension module (CVE-2008-1721)\n- Resolves: 442005\n- imageop module integer overflows (CVE-2008-1679)\n- CVE-2008-1679 patch is part of python-2.3.4-CVE-2008-4864-imageop-{1,2}.patch\n- Resolves: 441306 ", "edition": 4, "modified": "2009-07-27T00:00:00", "published": "2009-07-27T00:00:00", "id": "ELSA-2009-1177", "href": "http://linux.oracle.com/errata/ELSA-2009-1177.html", "title": "python security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:25", "bulletinFamily": "unix", "cvelist": ["CVE-2007-2052", "CVE-2008-1721", "CVE-2008-3143", "CVE-2008-4864", "CVE-2007-4965", "CVE-2008-3144", "CVE-2008-3142", "CVE-2008-2315", "CVE-2008-1887", "CVE-2008-5031"], "description": "[2.4.3-24.el5_3.6]\n- Fix all of the low priority security bugs:\n- Resolves: rhbz#486351\n- Multiple integer overflows in python core (CVE-2008-2315)\n- Resolves: 455008\n- PyString_FromStringAndSize does not check for negative size values (CVE-2008-1887)\n- Resolves: 443810\n- Multiple integer overflows discovered by Google (CVE-2008-3143)\n- Resolves: 455013\n- Multiple buffer overflows in unicode processing (CVE-2008-3142)\n- Resolves: 454990\n- Potential integer underflow and overflow in the PyOS_vsnprintf C API function (CVE-2008-3144)\n- Resolves: 455018\n- imageop module multiple integer overflows (CVE-2008-4864)\n- Resolves: 469656\n- stringobject, unicodeobject integer overflows (CVE-2008-5031) \n- Resolves: 470915\n- integer signedness error in the zlib extension module (CVE-2008-1721)\n- Resolves: 442005\n- off-by-one locale.strxfrm() (possible memory disclosure) (CVE-2007-2052)\n- Resolves: 235093\n- imageop module heap corruption (CVE-2007-4965)\n- Resolves: 295971 ", "edition": 4, "modified": "2009-07-27T00:00:00", "published": "2009-07-27T00:00:00", "id": "ELSA-2009-1176", "href": "http://linux.oracle.com/errata/ELSA-2009-1176.html", "title": "python security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "vmware": [{"lastseen": "2019-11-06T16:05:47", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5342", "CVE-2007-2052", "CVE-2009-1095", "CVE-2009-1093", "CVE-2009-1104", "CVE-2009-1096", "CVE-2009-2670", "CVE-2009-1895", "CVE-2009-2692", "CVE-2009-1099", "CVE-2009-2716", "CVE-2009-2417", "CVE-2008-1721", "CVE-2009-1097", "CVE-2008-3143", "CVE-2009-2414", "CVE-2008-4864", "CVE-2009-1385", "CVE-2008-5700", "CVE-2008-3528", "CVE-2009-0033", "CVE-2009-2723", "CVE-2009-2718", "CVE-2007-5333", "CVE-2009-0675", "CVE-2009-0747", "CVE-2009-0787", "CVE-2009-2416", "CVE-2008-4307", "CVE-2009-0696", "CVE-2009-2722", "CVE-2007-4965", "CVE-2009-0746", "CVE-2009-0580", "CVE-2009-2698", "CVE-2009-0028", "CVE-2009-2720", "CVE-2009-0781", "CVE-2008-5515", "CVE-2009-2625", "CVE-2008-1947", "CVE-2009-0778", "CVE-2009-2673", "CVE-2009-1100", "CVE-2008-3144", "CVE-2009-1072", "CVE-2009-0322", "CVE-2009-0159", "CVE-2009-0676", "CVE-2009-1192", "CVE-2009-1098", "CVE-2009-1094", "CVE-2009-0745", "CVE-2007-5461", "CVE-2008-3142", "CVE-2009-2407", "CVE-2009-1106", "CVE-2009-1337", "CVE-2009-1103", "CVE-2007-5966", "CVE-2009-1388", "CVE-2009-0783", "CVE-2009-0269", "CVE-2007-6286", "CVE-2009-2724", "CVE-2009-1389", "CVE-2008-2370", "CVE-2009-0834", "CVE-2009-1633", "CVE-2008-2315", "CVE-2009-0748", "CVE-2009-1101", "CVE-2009-2406", "CVE-2009-1439", "CVE-2009-1336", "CVE-2009-2848", "CVE-2009-1252", "CVE-2008-1887", "CVE-2009-1107", "CVE-2009-2671", "CVE-2008-1232", "CVE-2008-5031", "CVE-2009-1102", "CVE-2009-1630", "CVE-2009-2672", "CVE-2009-2847", "CVE-2009-2719", "CVE-2009-2676", "CVE-2009-1105", "CVE-2009-2721", "CVE-2009-2675", "CVE-2008-0002"], "description": "a. JRE Security Update \n \nJRE update to version 1.5.0_20, which addresses multiple security \nissues that existed in earlier releases of JRE. \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has \nassigned the following names to the security issues fixed in \nJRE 1.5.0_18: CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, \nCVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, \nCVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103, \nCVE-2009-1104, CVE-2009-1105, CVE-2009-1106, and CVE-2009-1107. \nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has \nassigned the following names to the security issues fixed in \nJRE 1.5.0_20: CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, \nCVE-2009-2672, CVE-2009-2673, CVE-2009-2675, CVE-2009-2676, \nCVE-2009-2716, CVE-2009-2718, CVE-2009-2719, CVE-2009-2720, \nCVE-2009-2721, CVE-2009-2722, CVE-2009-2723, CVE-2009-2724. \nThe following table lists what action remediates the vulnerability \n(column 4) if a solution is available. \n\n", "edition": 4, "modified": "2010-03-29T00:00:00", "published": "2009-11-20T00:00:00", "id": "VMSA-2009-0016", "href": "https://www.vmware.com/security/advisories/VMSA-2009-0016.html", "title": "VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.", "type": "vmware", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
