{"id": "OPENVAS:841199", "vendorId": null, "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu Update for python3.1 USN-1616-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1616-1", "published": "2012-10-26T00:00:00", "modified": "2017-12-01T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvss2": {}, "cvss3": {}, "href": "http://plugins.openvas.org/nasl.php?oid=841199", "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "references": ["http://www.ubuntu.com/usn/usn-1616-1/", "1616-1"], "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0845", "CVE-2012-2135", "CVE-2010-2089", "CVE-2008-5983", "CVE-2010-1634"], "immutableFields": [], "lastseen": "2017-12-04T11:20:20", "viewCount": 15, "enchantments": {"score": {"value": 0.5, "vector": "NONE"}, "dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2012-080", "ALAS-2012-081", "ALAS-2012-098"]}, {"type": "centos", "idList": ["CESA-2011:0491", "CESA-2012:0744", "CESA-2012:0745"]}, {"type": "cve", "idList": ["CVE-2008-5983", "CVE-2008-5984", "CVE-2008-5985", "CVE-2008-5986", "CVE-2008-5987", "CVE-2009-0314", "CVE-2009-0315", "CVE-2009-0316", "CVE-2009-0317", "CVE-2009-0318", "CVE-2010-1634", "CVE-2010-2089", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-1150", "CVE-2012-1587", "CVE-2012-2135", "CVE-2013-7040"]}, {"type": "debian", "idList": ["DEBIAN:DLA-25-1:0FCA7"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2008-5984", "DEBIANCVE:CVE-2008-5985", "DEBIANCVE:CVE-2008-5986", "DEBIANCVE:CVE-2008-5987", "DEBIANCVE:CVE-2009-0314", "DEBIANCVE:CVE-2009-0315", "DEBIANCVE:CVE-2009-0316", "DEBIANCVE:CVE-2009-0317", "DEBIANCVE:CVE-2009-0318", "DEBIANCVE:CVE-2010-1634", "DEBIANCVE:CVE-2010-2089", "DEBIANCVE:CVE-2011-4944", "DEBIANCVE:CVE-2012-0845", "DEBIANCVE:CVE-2012-1150", "DEBIANCVE:CVE-2013-7040"]}, {"type": "f5", "idList": ["F5:K75910138"]}, {"type": "fedora", "idList": ["FEDORA:1015F1115E5", "FEDORA:179F720CEB", "FEDORA:269F320D4C", "FEDORA:2B4CF20C99", "FEDORA:4380D208D5D", "FEDORA:478CD1119BD", "FEDORA:4FECC20A10", "FEDORA:9C835110BAB", "FEDORA:AD13120DB6", "FEDORA:BFDED20E5F", "FEDORA:DD57B208B1"]}, {"type": "freebsd", "idList": ["B4F8BE9E-56B2-11E1-9FB7-003067B2972C", "E848A92F-0E7D-11DE-92DE-000BCDC1757A"]}, {"type": "gentoo", "idList": ["GLSA-200903-41", "GLSA-200904-06", "GLSA-201401-04"]}, {"type": "ibm", "idList": ["EF6337B3BE8850DC5B93DC33DA6E2610AE8AC00F05BFD07EB43C35AAAB391818"]}, {"type": "nessus", "idList": ["6039.PRM", "ALA_ALAS-2012-80.NASL", "ALA_ALAS-2012-81.NASL", "ALA_ALAS-2012-98.NASL", "CENTOS_RHSA-2011-0491.NASL", "CENTOS_RHSA-2012-0744.NASL", "CENTOS_RHSA-2012-0745.NASL", "FEDORA_2009-1289.NASL", "FEDORA_2009-1295.NASL", "FEDORA_2010-13388.NASL", "FEDORA_2010-9565.NASL", "FEDORA_2010-9652.NASL", "FEDORA_2012-5785.NASL", "FEDORA_2012-5892.NASL", "FEDORA_2012-5916.NASL", "FEDORA_2012-5924.NASL", "FEDORA_2012-9135.NASL", "FREEBSD_PKG_B4F8BE9E56B211E19FB7003067B2972C.NASL", "FREEBSD_PKG_E848A92F0E7D11DE92DE000BCDC1757A.NASL", "GENTOO_GLSA-200903-41.NASL", "GENTOO_GLSA-200904-06.NASL", "GENTOO_GLSA-201401-04.NASL", "MACOSX_10_7_2.NASL", "MACOSX_10_9.NASL", "MACOSX_SECUPD2011-006.NASL", "MANDRIVA_MDVSA-2010-132.NASL", "MANDRIVA_MDVSA-2012-096.NASL", "MANDRIVA_MDVSA-2012-097.NASL", "MANDRIVA_MDVSA-2013-117.NASL", "NEWSTART_CGSL_NS-SA-2019-0008_PYTHON.NASL", "OPENSUSE-2012-302.NASL", "OPENSUSE-2012-380.NASL", "OPENSUSE-2020-86.NASL", "ORACLELINUX_ELSA-2011-0491.NASL", "ORACLELINUX_ELSA-2012-0744.NASL", "ORACLELINUX_ELSA-2012-0745.NASL", "REDHAT-RHSA-2011-0027.NASL", "REDHAT-RHSA-2011-0491.NASL", "REDHAT-RHSA-2012-0744.NASL", "REDHAT-RHSA-2012-0745.NASL", "SL_20110113_PYTHON_ON_SL5_X.NASL", "SL_20110505_PYTHON_ON_SL4_X.NASL", "SL_20120618_PYTHON_ON_SL5_X.NASL", "SL_20120618_PYTHON_ON_SL6_X.NASL", "SOLARIS11_PYTHON_20130313.NASL", "SOLARIS11_PYTHON_20130410.NASL", "SUSE_11_2_LIBPYTHON2_6-1_0-101028.NASL", "SUSE_11_APACHE2-MOD_PYTHON-120503.NASL", "SUSE_11_LIBPYTHON2_6-1_0-101028.NASL", "SUSE_11_LIBPYTHON2_6-1_0-101109.NASL", "SUSE_11_PYTHON-RANDOMISATION-UPDATE-120516.NASL", "SUSE_11_PYTHON-RANDOMISATION-UPDATE-120517.NASL", "SUSE_APACHE2-MOD_PYTHON-8127.NASL", "SUSE_PYTHON-7314.NASL", "SUSE_PYTHON-8080.NASL", "SUSE_SU-2020-0114-1.NASL", "SUSE_SU-2020-0234-1.NASL", "SUSE_SU-2022-4619-1.NASL", "UBUNTU_USN-1592-1.NASL", "UBUNTU_USN-1596-1.NASL", "UBUNTU_USN-1613-1.NASL", "UBUNTU_USN-1613-2.NASL", "UBUNTU_USN-1615-1.NASL", "UBUNTU_USN-1616-1.NASL", "VMWARE_ESXI_5_0_BUILD_608089_REMOTE.NASL", "VMWARE_ESXI_5_1_BUILD_2323236_REMOTE.NASL", "VMWARE_VMSA-2012-0001.NASL", "VMWARE_VMSA-2012-0001_REMOTE.NASL", "VMWARE_VMSA-2012-0016.NASL", "VMWARE_VMSA-2012-0016_REMOTE.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:103448", "OPENVAS:103609", "OPENVAS:1361412562310103448", "OPENVAS:1361412562310103609", "OPENVAS:1361412562310120125", "OPENVAS:1361412562310120126", "OPENVAS:1361412562310120305", "OPENVAS:1361412562310121101", "OPENVAS:1361412562310122278", "OPENVAS:1361412562310123901", "OPENVAS:1361412562310123902", "OPENVAS:136141256231063330", "OPENVAS:136141256231063415", "OPENVAS:136141256231063564", "OPENVAS:136141256231063738", "OPENVAS:136141256231063800", "OPENVAS:136141256231071172", "OPENVAS:1361412562310802336", "OPENVAS:1361412562310831023", "OPENVAS:1361412562310831110", "OPENVAS:1361412562310831685", "OPENVAS:1361412562310831686", "OPENVAS:1361412562310841173", "OPENVAS:1361412562310841178", "OPENVAS:1361412562310841194", "OPENVAS:1361412562310841195", "OPENVAS:1361412562310841197", "OPENVAS:1361412562310841199", "OPENVAS:1361412562310853008", "OPENVAS:1361412562310862160", "OPENVAS:1361412562310862218", "OPENVAS:1361412562310862373", "OPENVAS:1361412562310864199", "OPENVAS:1361412562310864218", "OPENVAS:1361412562310864223", "OPENVAS:1361412562310864317", "OPENVAS:1361412562310864384", "OPENVAS:1361412562310864392", "OPENVAS:1361412562310864477", "OPENVAS:1361412562310870377", "OPENVAS:1361412562310870430", "OPENVAS:1361412562310870756", "OPENVAS:1361412562310870757", "OPENVAS:1361412562310880556", "OPENVAS:1361412562310881085", "OPENVAS:1361412562310881128", "OPENVAS:1361412562310881427", "OPENVAS:63330", "OPENVAS:63415", "OPENVAS:63564", "OPENVAS:63738", "OPENVAS:63800", "OPENVAS:71172", "OPENVAS:802336", "OPENVAS:831023", "OPENVAS:831110", "OPENVAS:831685", "OPENVAS:831686", "OPENVAS:841173", "OPENVAS:841178", "OPENVAS:841194", "OPENVAS:841195", "OPENVAS:841197", "OPENVAS:862160", "OPENVAS:862218", "OPENVAS:862373", "OPENVAS:864199", "OPENVAS:864218", "OPENVAS:864223", "OPENVAS:864317", "OPENVAS:864384", "OPENVAS:864392", "OPENVAS:864477", "OPENVAS:870377", "OPENVAS:870430", "OPENVAS:870756", "OPENVAS:870757", "OPENVAS:880556", "OPENVAS:881085", "OPENVAS:881128", "OPENVAS:881427"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0027", "ELSA-2011-0491", "ELSA-2011-0554", "ELSA-2012-0744", "ELSA-2012-0745"]}, {"type": "osv", "idList": ["OSV:DLA-25-1"]}, {"type": "redhat", "idList": ["RHSA-2011:0027", "RHSA-2011:0491", "RHSA-2012:0744", "RHSA-2012:0745"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21590", "SECURITYVULNS:DOC:24260", "SECURITYVULNS:DOC:27155", "SECURITYVULNS:DOC:28232", "SECURITYVULNS:VULN:11004", "SECURITYVULNS:VULN:11973", "SECURITYVULNS:VULN:12454", "SECURITYVULNS:VULN:9683"]}, {"type": "seebug", "idList": ["SSV:19709", "SSV:30124", "SSV:4870", "SSV:60008", "SSV:60424"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0086-1"]}, {"type": "ubuntu", "idList": ["USN-1592-1", "USN-1596-1", "USN-1613-1", "USN-1613-2", "USN-1615-1", "USN-1616-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2008-5983", "UB:CVE-2008-5984", "UB:CVE-2008-5985", "UB:CVE-2008-5986", "UB:CVE-2008-5987", "UB:CVE-2009-0314", "UB:CVE-2009-0315", "UB:CVE-2009-0316", "UB:CVE-2009-0317", "UB:CVE-2009-0318", "UB:CVE-2010-1634", "UB:CVE-2010-2089", "UB:CVE-2011-4944", "UB:CVE-2012-0845", "UB:CVE-2012-1150", "UB:CVE-2012-2135", "UB:CVE-2013-7040"]}, {"type": "veracode", "idList": ["VERACODE:24356", "VERACODE:24360", "VERACODE:24361"]}, {"type": "vmware", "idList": ["VMSA-2012-0001", "VMSA-2012-0001.2", "VMSA-2012-0016"]}]}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2012-098"]}, {"type": "centos", "idList": ["CESA-2011:0491", "CESA-2012:0744", "CESA-2012:0745"]}, {"type": "cve", "idList": ["CVE-2008-5983"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2010-1634", "DEBIANCVE:CVE-2010-2089", "DEBIANCVE:CVE-2011-4944", "DEBIANCVE:CVE-2012-0845", "DEBIANCVE:CVE-2012-1150"]}, {"type": "f5", "idList": ["F5:K75910138"]}, {"type": "fedora", "idList": ["FEDORA:DD57B208B1"]}, {"type": "freebsd", "idList": ["B4F8BE9E-56B2-11E1-9FB7-003067B2972C", "E848A92F-0E7D-11DE-92DE-000BCDC1757A"]}, {"type": "gentoo", "idList": ["GLSA-200903-41"]}, {"type": "nessus", "idList": ["MANDRIVA_MDVSA-2010-132.NASL", "MANDRIVA_MDVSA-2012-096.NASL", "OPENSUSE-2020-86.NASL", "SL_20120618_PYTHON_ON_SL6_X.NASL", "SUSE_SU-2020-0114-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120305", "OPENVAS:136141256231063415", "OPENVAS:1361412562310864384", "OPENVAS:831023", "OPENVAS:862373"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0491"]}, {"type": "redhat", "idList": ["RHSA-2012:0745"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:24260"]}, {"type": "seebug", "idList": ["SSV:60424"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0086-1"]}, {"type": "ubuntu", "idList": ["USN-1592-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2010-1634", "UB:CVE-2012-1150"]}, {"type": "vmware", "idList": ["VMSA-2012-0001"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2011-4944", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2012-1150", "epss": "0.007150000", "percentile": "0.774890000", "modified": "2023-03-15"}, {"cve": "CVE-2012-0845", "epss": "0.159900000", "percentile": "0.950450000", "modified": "2023-03-15"}, {"cve": "CVE-2012-2135", "epss": "0.032780000", "percentile": "0.897630000", "modified": "2023-03-15"}, {"cve": "CVE-2010-2089", "epss": "0.023320000", "percentile": "0.880260000", "modified": "2023-03-15"}, {"cve": "CVE-2008-5983", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2010-1634", "epss": "0.007590000", "percentile": "0.783020000", "modified": "2023-03-15"}], "vulnersScore": 0.5}, "_state": {"dependencies": 1678912935, "score": 1683821708, "epss": 1678926051}, "_internal": {"score_hash": "f84875341d9f4e0d0dd03d2165827d21"}, "pluginID": "841199", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1616_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for python3.1 USN-1616-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Python would prepend an empty string to sys.path\n under certain circumstances. A local attacker with write access to the\n current working directory could exploit this to execute arbitrary code.\n This issue only affected Ubuntu 10.04 LTS. (CVE-2008-5983)\n\n It was discovered that the audioop module did not correctly perform input\n validation. If a user or automatated system were tricked into opening a\n crafted audio file, an attacker could cause a denial of service via\n application crash. These issues only affected Ubuntu 10.04 LTS.\n (CVE-2010-1634, CVE-2010-2089)\n \n It was discovered that Python distutils contained a race condition when\n creating the ~/.pypirc file. A local attacker could exploit this to obtain\n sensitive information. (CVE-2011-4944)\n \n It was discovered that SimpleXMLRPCServer did not properly validate its\n input when handling HTTP POST requests. A remote attacker could exploit\n this to cause a denial of service via excessive CPU utilization.\n (CVE-2012-0845)\n \n It was discovered that Python was susceptible to hash algorithm attacks.\n An attacker could cause a denial of service under certain circumstances.\n This update adds the '-R' command line option and honors setting the\n PYTHONHASHSEED environment variable to 'random' to salt str and datetime\n objects with an unpredictable value. (CVE-2012-1150)\n \n Serhiy Storchaka discovered that the UTF16 decoder in Python did not\n properly reset internal variables after error handling. An attacker could\n exploit this to cause a denial of service via memory corruption.\n (CVE-2012-2135)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1616-1\";\ntag_affected = \"python3.1 on Ubuntu 11.04 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1616-1/\");\n script_id(841199);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-26 09:50:43 +0530 (Fri, 26 Oct 2012)\");\n script_cve_id(\"CVE-2008-5983\", \"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\", \"CVE-2012-2135\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1616-1\");\n script_name(\"Ubuntu Update for python3.1 USN-1616-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python3.1\", ver:\"3.1.2-0ubuntu3.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.1-minimal\", ver:\"3.1.2-0ubuntu3.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python3.1\", ver:\"3.1.3-1ubuntu1.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.1-minimal\", ver:\"3.1.3-1ubuntu1.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Ubuntu Local Security Checks"}
{"ubuntu": [{"lastseen": "2023-09-18T13:52:42", "description": "## Releases\n\n * Ubuntu 11.04 \n * Ubuntu 10.04 \n\n## Packages\n\n * python3.1 \\- An interactive high-level object-oriented language (version 3.1)\n\nIt was discovered that Python would prepend an empty string to sys.path \nunder certain circumstances. A local attacker with write access to the \ncurrent working directory could exploit this to execute arbitrary code. \nThis issue only affected Ubuntu 10.04 LTS. (CVE-2008-5983)\n\nIt was discovered that the audioop module did not correctly perform input \nvalidation. If a user or automatated system were tricked into opening a \ncrafted audio file, an attacker could cause a denial of service via \napplication crash. These issues only affected Ubuntu 10.04 LTS. \n(CVE-2010-1634, CVE-2010-2089)\n\nIt was discovered that Python distutils contained a race condition when \ncreating the ~/.pypirc file. A local attacker could exploit this to obtain \nsensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate its \ninput when handling HTTP POST requests. A remote attacker could exploit \nthis to cause a denial of service via excessive CPU utilization. \n(CVE-2012-0845)\n\nIt was discovered that Python was susceptible to hash algorithm attacks. \nAn attacker could cause a denial of service under certian circumstances. \nThis update adds the '-R' command line option and honors setting the \nPYTHONHASHSEED environment variable to 'random' to salt str and datetime \nobjects with an unpredictable value. (CVE-2012-1150)\n\nSerhiy Storchaka discovered that the UTF16 decoder in Python did not \nproperly reset internal variables after error handling. An attacker could \nexploit this to cause a denial of service via memory corruption. \n(CVE-2012-2135)\n", "cvss3": {}, "published": "2012-10-24T00:00:00", "type": "ubuntu", "title": "Python 3.1 vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5983", "CVE-2010-1634", "CVE-2010-2089", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-1150", "CVE-2012-2135"], "modified": "2012-10-24T00:00:00", "id": "USN-1616-1", "href": "https://ubuntu.com/security/notices/USN-1616-1", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-09-01T07:12:26", "description": "## Releases\n\n * Ubuntu 12.10 \n * Ubuntu 12.04 \n * Ubuntu 11.10 \n * Ubuntu 11.04 \n\n## Packages\n\n * python3.2 \\- An interactive high-level object-oriented language (version 3.2)\n\nIt was discovered that Python distutils contained a race condition when \ncreating the ~/.pypirc file. A local attacker could exploit this to obtain \nsensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate its \ninput when handling HTTP POST requests. A remote attacker could exploit \nthis to cause a denial of service via excessive CPU utilization. This issue \nonly affected Ubuntu 11.04 and 11.10. (CVE-2012-0845)\n\nIt was discovered that Python was susceptible to hash algorithm attacks. \nAn attacker could cause a denial of service under certian circumstances. \nThis update adds the '-R' command line option and honors setting the \nPYTHONHASHSEED environment variable to 'random' to salt str and datetime \nobjects with an unpredictable value. This issue only affected Ubuntu 11.04 \nand 11.10. (CVE-2012-1150)\n\nSerhiy Storchaka discovered that the UTF16 decoder in Python did not \nproperly reset internal variables after error handling. An attacker could \nexploit this to cause a denial of service via memory corruption. This issue \ndid not affect Ubuntu 12.10. (CVE-2012-2135)\n", "cvss3": {}, "published": "2012-10-23T00:00:00", "type": "ubuntu", "title": "Python 3.2 vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4944", "CVE-2012-0845", "CVE-2012-1150", "CVE-2012-2135"], "modified": "2012-10-23T00:00:00", "id": "USN-1615-1", "href": "https://ubuntu.com/security/notices/USN-1615-1", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2023-09-18T14:00:29", "description": "## Releases\n\n * Ubuntu 11.10 \n * Ubuntu 11.04 \n * Ubuntu 10.04 \n\n## Packages\n\n * python2.6 \\- An interactive high-level object-oriented language\n\nIt was discovered that Python would prepend an empty string to sys.path \nunder certain circumstances. A local attacker with write access to the \ncurrent working directory could exploit this to execute arbitrary code. \n(CVE-2008-5983)\n\nIt was discovered that the audioop module did not correctly perform input \nvalidation. If a user or automatated system were tricked into opening a \ncrafted audio file, an attacker could cause a denial of service via \napplication crash. (CVE-2010-1634, CVE-2010-2089)\n\nGiampaolo Rodola discovered several race conditions in the smtpd module. \nA remote attacker could exploit this to cause a denial of service via \ndaemon outage. (CVE-2010-3493)\n\nIt was discovered that the CGIHTTPServer module did not properly perform \ninput validation on certain HTTP GET requests. A remote attacker could \npotentially obtain access to CGI script source files. (CVE-2011-1015)\n\nNiels Heinen discovered that the urllib and urllib2 modules would process \nLocation headers that specify a redirection to file: URLs. A remote \nattacker could exploit this to obtain sensitive information or cause a \ndenial of service. This issue only affected Ubuntu 11.04. (CVE-2011-1521)\n\nIt was discovered that SimpleHTTPServer did not use a charset parameter in \nthe Content-Type HTTP header. An attacker could potentially exploit this \nto conduct cross-site scripting (XSS) attacks against Internet Explorer 7 \nusers. This issue only affected Ubuntu 11.04. (CVE-2011-4940)\n\nIt was discovered that Python distutils contained a race condition when \ncreating the ~/.pypirc file. A local attacker could exploit this to obtain \nsensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate its \ninput when handling HTTP POST requests. A remote attacker could exploit \nthis to cause a denial of service via excessive CPU utilization. \n(CVE-2012-0845)\n\nIt was discovered that Python was susceptible to hash algorithm attacks. \nAn attacker could cause a denial of service under certian circumstances. \nThis update adds the '-R' command line option and honors setting the \nPYTHONHASHSEED environment variable to 'random' to salt str and datetime \nobjects with an unpredictable value. (CVE-2012-1150)\n", "cvss3": {}, "published": "2012-10-04T00:00:00", "type": "ubuntu", "title": "Python 2.6 vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5983", "CVE-2010-1634", "CVE-2010-2089", "CVE-2010-3493", "CVE-2011-1015", "CVE-2011-1521", "CVE-2011-4940", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-1150"], "modified": "2012-10-04T00:00:00", "id": "USN-1596-1", "href": "https://ubuntu.com/security/notices/USN-1596-1", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-09-18T13:59:50", "description": "## Releases\n\n * Ubuntu 11.10 \n * Ubuntu 11.04 \n\n## Packages\n\n * python2.7 \\- An interactive high-level object-oriented language (version 2.7)\n\nNiels Heinen discovered that the urllib and urllib2 modules would process \nLocation headers that specify a redirection to file: URLs. A remote \nattacker could exploit this to obtain sensitive information or cause a \ndenial of service. This issue only affected Ubuntu 11.04. (CVE-2011-1521)\n\nIt was discovered that SimpleHTTPServer did not use a charset parameter in \nthe Content-Type HTTP header. An attacker could potentially exploit this \nto conduct cross-site scripting (XSS) attacks against Internet Explorer 7 \nusers. This issue only affected Ubuntu 11.04. (CVE-2011-4940)\n\nIt was discovered that Python distutils contained a race condition when \ncreating the ~/.pypirc file. A local attacker could exploit this to obtain \nsensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate its \ninput when handling HTTP POST requests. A remote attacker could exploit \nthis to cause a denial of service via excessive CPU utilization. \n(CVE-2012-0845)\n\nIt was discovered that Python was susceptible to hash algorithm attacks. \nAn attacker could cause a denial of service under certian circumstances. \nThis update adds the '-R' command line option and honors setting the \nPYTHONHASHSEED environment variable to 'random' to salt str and datetime \nobjects with an unpredictable value. (CVE-2012-1150)\n", "cvss3": {}, "published": "2012-10-02T00:00:00", "type": "ubuntu", "title": "Python 2.7 vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1521", "CVE-2011-4940", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-1150"], "modified": "2012-10-02T00:00:00", "id": "USN-1592-1", "href": "https://ubuntu.com/security/notices/USN-1592-1", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2023-09-18T13:56:53", "description": "## Releases\n\n * Ubuntu 8.04 \n\n## Packages\n\n * python2.5 \\- An interactive high-level object-oriented language (version 2.5)\n\nIt was discovered that Python would prepend an empty string to sys.path \nunder certain circumstances. A local attacker with write access to the \ncurrent working directory could exploit this to execute arbitrary code. \n(CVE-2008-5983)\n\nIt was discovered that the audioop module did not correctly perform input \nvalidation. If a user or automatated system were tricked into opening a \ncrafted audio file, an attacker could cause a denial of service via \napplication crash. (CVE-2010-1634, CVE-2010-2089)\n\nGiampaolo Rodola discovered several race conditions in the smtpd module. \nA remote attacker could exploit this to cause a denial of service via \ndaemon outage. (CVE-2010-3493)\n\nIt was discovered that the CGIHTTPServer module did not properly perform \ninput validation on certain HTTP GET requests. A remote attacker could \npotentially obtain access to CGI script source files. (CVE-2011-1015)\n\nNiels Heinen discovered that the urllib and urllib2 modules would process \nLocation headers that specify a redirection to file: URLs. A remote \nattacker could exploit this to obtain sensitive information or cause a \ndenial of service. (CVE-2011-1521)\n\nIt was discovered that SimpleHTTPServer did not use a charset parameter in \nthe Content-Type HTTP header. An attacker could potentially exploit this \nto conduct cross-site scripting (XSS) attacks against Internet Explorer 7 \nusers. (CVE-2011-4940)\n\nIt was discovered that Python distutils contained a race condition when \ncreating the ~/.pypirc file. A local attacker could exploit this to obtain \nsensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate its \ninput when handling HTTP POST requests. A remote attacker could exploit \nthis to cause a denial of service via excessive CPU utilization. \n(CVE-2012-0845)\n\nIt was discovered that the Expat module in Python 2.5 computed hash values \nwithout restricting the ability to trigger hash collisions predictably. If \na user or application using pyexpat were tricked into opening a crafted XML \nfile, an attacker could cause a denial of service by consuming excessive \nCPU resources. (CVE-2012-0876)\n\nTim Boddy discovered that the Expat module in Python 2.5 did not properly \nhandle memory reallocation when processing XML files. If a user or \napplication using pyexpat were tricked into opening a crafted XML file, an \nattacker could cause a denial of service by consuming excessive memory \nresources. (CVE-2012-1148)\n", "cvss3": {}, "published": "2012-10-17T00:00:00", "type": "ubuntu", "title": "Python 2.5 vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5983", "CVE-2010-1634", "CVE-2010-2089", "CVE-2010-3493", "CVE-2011-1015", "CVE-2011-1521", "CVE-2011-4940", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-0876", "CVE-2012-1148"], "modified": "2012-10-17T00:00:00", "id": "USN-1613-1", "href": "https://ubuntu.com/security/notices/USN-1613-1", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-09-18T13:54:14", "description": "## Releases\n\n * Ubuntu 8.04 \n\n## Packages\n\n * python2.4 \\- An interactive high-level object-oriented language (version 2.4)\n\nUSN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the \ncorresponding updates for Python 2.4.\n\nOriginal advisory details:\n\nIt was discovered that Python would prepend an empty string to sys.path \nunder certain circumstances. A local attacker with write access to the \ncurrent working directory could exploit this to execute arbitrary code. \n(CVE-2008-5983)\n\nIt was discovered that the audioop module did not correctly perform input \nvalidation. If a user or automatated system were tricked into opening a \ncrafted audio file, an attacker could cause a denial of service via \napplication crash. (CVE-2010-1634, CVE-2010-2089)\n\nGiampaolo Rodola discovered several race conditions in the smtpd module. \nA remote attacker could exploit this to cause a denial of service via \ndaemon outage. (CVE-2010-3493)\n\nIt was discovered that the CGIHTTPServer module did not properly perform \ninput validation on certain HTTP GET requests. A remote attacker could \npotentially obtain access to CGI script source files. (CVE-2011-1015)\n\nNiels Heinen discovered that the urllib and urllib2 modules would process \nLocation headers that specify a redirection to file: URLs. A remote \nattacker could exploit this to obtain sensitive information or cause a \ndenial of service. (CVE-2011-1521)\n\nIt was discovered that SimpleHTTPServer did not use a charset parameter in \nthe Content-Type HTTP header. An attacker could potentially exploit this \nto conduct cross-site scripting (XSS) attacks against Internet Explorer 7 \nusers. (CVE-2011-4940)\n\nIt was discovered that Python distutils contained a race condition when \ncreating the ~/.pypirc file. A local attacker could exploit this to obtain \nsensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate its \ninput when handling HTTP POST requests. A remote attacker could exploit \nthis to cause a denial of service via excessive CPU utilization. \n(CVE-2012-0845)\n\nIt was discovered that the Expat module in Python 2.5 computed hash values \nwithout restricting the ability to trigger hash collisions predictably. If \na user or application using pyexpat were tricked into opening a crafted XML \nfile, an attacker could cause a denial of service by consuming excessive \nCPU resources. (CVE-2012-0876)\n\nTim Boddy discovered that the Expat module in Python 2.5 did not properly \nhandle memory reallocation when processing XML files. If a user or \napplication using pyexpat were tricked into opening a crafted XML file, an \nattacker could cause a denial of service by consuming excessive memory \nresources. (CVE-2012-1148)\n", "cvss3": {}, "published": "2012-10-17T00:00:00", "type": "ubuntu", "title": "Python 2.4 vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-5983", "CVE-2010-1634", "CVE-2010-2089", "CVE-2010-3493", "CVE-2011-1015", "CVE-2011-1521", "CVE-2011-4940", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-0876", "CVE-2012-1148"], "modified": "2012-10-17T00:00:00", "id": "USN-1613-2", "href": "https://ubuntu.com/security/notices/USN-1613-2", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-05-18T14:29:08", "description": "It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. This issue only affected Ubuntu 10.04 LTS.\n(CVE-2008-5983)\n\nIt was discovered that the audioop module did not correctly perform input validation. If a user or automated system were tricked into opening a crafted audio file, an attacker could cause a denial of service via application crash. These issues only affected Ubuntu 10.04 LTS. (CVE-2010-1634, CVE-2010-2089)\n\nIt was discovered that Python distutils contained a race condition when creating the ~/.pypirc file. A local attacker could exploit this to obtain sensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate its input when handling HTTP POST requests. A remote attacker could exploit this to cause a denial of service via excessive CPU utilization. (CVE-2012-0845)\n\nIt was discovered that Python was susceptible to hash algorithm attacks. An attacker could cause a denial of service under certian circumstances. This update adds the '-R' command line option and honors setting the PYTHONHASHSEED environment variable to 'random' to salt str and datetime objects with an unpredictable value.\n(CVE-2012-1150)\n\nSerhiy Storchaka discovered that the UTF16 decoder in Python did not properly reset internal variables after error handling. An attacker could exploit this to cause a denial of service via memory corruption.\n(CVE-2012-2135).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-10-25T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 11.04 : python3.1 vulnerabilities (USN-1616-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5983", "CVE-2010-1634", "CVE-2010-2089", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-1150", "CVE-2012-2135"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python3.1", "p-cpe:/a:canonical:ubuntu_linux:python3.1-minimal", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:11.04"], "id": "UBUNTU_USN-1616-1.NASL", "href": "https://www.tenable.com/plugins/nessus/62700", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1616-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62700);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2008-5983\", \"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\", \"CVE-2012-2135\");\n script_bugtraq_id(40370, 40862, 40863, 51239, 51996, 52732, 53244);\n script_xref(name:\"USN\", value:\"1616-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.04 : python3.1 vulnerabilities (USN-1616-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Python would prepend an empty string to\nsys.path under certain circumstances. A local attacker with write\naccess to the current working directory could exploit this to execute\narbitrary code. This issue only affected Ubuntu 10.04 LTS.\n(CVE-2008-5983)\n\nIt was discovered that the audioop module did not correctly perform\ninput validation. If a user or automated system were tricked into\nopening a crafted audio file, an attacker could cause a denial of\nservice via application crash. These issues only affected Ubuntu 10.04\nLTS. (CVE-2010-1634, CVE-2010-2089)\n\nIt was discovered that Python distutils contained a race condition\nwhen creating the ~/.pypirc file. A local attacker could exploit this\nto obtain sensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate\nits input when handling HTTP POST requests. A remote attacker could\nexploit this to cause a denial of service via excessive CPU\nutilization. (CVE-2012-0845)\n\nIt was discovered that Python was susceptible to hash algorithm\nattacks. An attacker could cause a denial of service under certian\ncircumstances. This update adds the '-R' command line option and\nhonors setting the PYTHONHASHSEED environment variable to 'random' to\nsalt str and datetime objects with an unpredictable value.\n(CVE-2012-1150)\n\nSerhiy Storchaka discovered that the UTF16 decoder in Python did not\nproperly reset internal variables after error handling. An attacker\ncould exploit this to cause a denial of service via memory corruption.\n(CVE-2012-2135).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1616-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python3.1 and / or python3.1-minimal packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.1-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|11\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"python3.1\", pkgver:\"3.1.2-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"python3.1-minimal\", pkgver:\"3.1.2-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"python3.1\", pkgver:\"3.1.3-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"python3.1-minimal\", pkgver:\"3.1.3-1ubuntu1.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3.1 / python3.1-minimal\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:07", "description": "It was discovered that Python distutils contained a race condition when creating the ~/.pypirc file. A local attacker could exploit this to obtain sensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate its input when handling HTTP POST requests. A remote attacker could exploit this to cause a denial of service via excessive CPU utilization. This issue only affected Ubuntu 11.04 and 11.10.\n(CVE-2012-0845)\n\nIt was discovered that Python was susceptible to hash algorithm attacks. An attacker could cause a denial of service under certian circumstances. This update adds the '-R' command line option and honors setting the PYTHONHASHSEED environment variable to 'random' to salt str and datetime objects with an unpredictable value. This issue only affected Ubuntu 11.04 and 11.10. (CVE-2012-1150)\n\nSerhiy Storchaka discovered that the UTF16 decoder in Python did not properly reset internal variables after error handling. An attacker could exploit this to cause a denial of service via memory corruption.\nThis issue did not affect Ubuntu 12.10. (CVE-2012-2135).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-10-24T00:00:00", "type": "nessus", "title": "Ubuntu 11.04 / 11.10 / 12.04 LTS / 12.10 : python3.2 vulnerabilities (USN-1615-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-0845", "CVE-2012-1150", "CVE-2012-2135"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python3.2", "p-cpe:/a:canonical:ubuntu_linux:python3.2-minimal", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.10"], "id": "UBUNTU_USN-1615-1.NASL", "href": "https://www.tenable.com/plugins/nessus/62677", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1615-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62677);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\", \"CVE-2012-2135\");\n script_xref(name:\"USN\", value:\"1615-1\");\n\n script_name(english:\"Ubuntu 11.04 / 11.10 / 12.04 LTS / 12.10 : python3.2 vulnerabilities (USN-1615-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Python distutils contained a race condition\nwhen creating the ~/.pypirc file. A local attacker could exploit this\nto obtain sensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate\nits input when handling HTTP POST requests. A remote attacker could\nexploit this to cause a denial of service via excessive CPU\nutilization. This issue only affected Ubuntu 11.04 and 11.10.\n(CVE-2012-0845)\n\nIt was discovered that Python was susceptible to hash algorithm\nattacks. An attacker could cause a denial of service under certian\ncircumstances. This update adds the '-R' command line option and\nhonors setting the PYTHONHASHSEED environment variable to 'random' to\nsalt str and datetime objects with an unpredictable value. This issue\nonly affected Ubuntu 11.04 and 11.10. (CVE-2012-1150)\n\nSerhiy Storchaka discovered that the UTF16 decoder in Python did not\nproperly reset internal variables after error handling. An attacker\ncould exploit this to cause a denial of service via memory corruption.\nThis issue did not affect Ubuntu 12.10. (CVE-2012-2135).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1615-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python3.2 and / or python3.2-minimal packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.2-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(11\\.04|11\\.10|12\\.04|12\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.04 / 11.10 / 12.04 / 12.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.04\", pkgname:\"python3.2\", pkgver:\"3.2-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"python3.2-minimal\", pkgver:\"3.2-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"python3.2\", pkgver:\"3.2.2-0ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"python3.2-minimal\", pkgver:\"3.2.2-0ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"python3.2\", pkgver:\"3.2.3-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"python3.2-minimal\", pkgver:\"3.2.3-0ubuntu3.2\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"python3.2\", pkgver:\"3.2.3-6ubuntu3.1\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"python3.2-minimal\", pkgver:\"3.2.3-6ubuntu3.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3.2 / python3.2-minimal\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:48:59", "description": "- Fri Jun 4 2010 David Malcolm <dmalcolm at redhat.com> - 2.6.4-27\n\n - ensure that the compiler is invoked with '-fwrapv' (rhbz#594819)\n\n - CVE-2010-1634: fix various integer overflow checks in the audioop module (patch 113)\n\n - CVE-2010-2089: further checks within the audioop module (patch 114)\n\n - CVE-2008-5983: the new PySys_SetArgvEx entry point from r81399 (patch 115)\n\n - Mon Apr 26 2010 Dennis Gilmore <dennis at ausil.us> - 2.6.4-26\n\n - disable --with-valgrind on sparc arches\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-07-01T00:00:00", "type": "nessus", "title": "Fedora 13 : python-2.6.4-27.fc13 (2010-9652)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5983", "CVE-2010-1634", "CVE-2010-2089"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2010-9652.NASL", "href": "https://www.tenable.com/plugins/nessus/47547", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-9652.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47547);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-5983\", \"CVE-2010-1634\", \"CVE-2010-2089\");\n script_bugtraq_id(40370);\n script_xref(name:\"FEDORA\", value:\"2010-9652\");\n\n script_name(english:\"Fedora 13 : python-2.6.4-27.fc13 (2010-9652)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fri Jun 4 2010 David Malcolm <dmalcolm at redhat.com> -\n 2.6.4-27\n\n - ensure that the compiler is invoked with '-fwrapv'\n (rhbz#594819)\n\n - CVE-2010-1634: fix various integer overflow checks in\n the audioop module (patch 113)\n\n - CVE-2010-2089: further checks within the audioop module\n (patch 114)\n\n - CVE-2008-5983: the new PySys_SetArgvEx entry point\n from r81399 (patch 115)\n\n - Mon Apr 26 2010 Dennis Gilmore <dennis at ausil.us> -\n 2.6.4-26\n\n - disable --with-valgrind on sparc arches\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=482814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=590690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=598197\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ea86d227\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"python-2.6.4-27.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:49:44", "description": "- Fri Jun 4 2010 David Malcolm <dmalcolm at redhat.com> - 2.6.2-8\n\n - ensure that the compiler is invoked with '-fwrapv' (rhbz#594819)\n\n - CVE-2010-1634: fix various integer overflow checks in the audioop module (patch 113)\n\n - CVE-2010-2089: further checks within the audioop module (patch 114)\n\n - CVE-2008-5983: the new PySys_SetArgvEx entry point from r81399 (patch 115)\n\n - Fri Mar 12 2010 David Malcolm <dmalcolm at redhat.com>\n - 2.6.2-7\n\n - document all patches, and remove the commented-out ones\n\n - Address some of the issues identified in package review (bug 226342) :\n\n - update libs requirement on base package to use %{name} for consistency's sake\n\n - convert from backticks to $() syntax throughout\n\n - wrap value of LD_LIBRARY_PATH in quotes\n\n - convert '/usr/bin/find' requirement to 'findutils'\n\n - remove trailing periods from summaries of subpackages\n\n - fix spelling mistake in description of -test subpackage\n\n - convert usage of $$RPM_BUILD_ROOT to %{buildroot} throughout, for stylistic consistency\n\n - supply dirmode arguments to defattr directives\n\n - replace references to /usr with %{_prefix}; replace references to /usr/include with %{_includedir}\n\n - fixup the build when __python_ver is set (Zach Sadecki;\n bug 533989); use pybasever in the files section\n\n - Mon Jan 25 2010 David Malcolm <dmalcolm at redhat.com> - 2.6.2-6\n\n - update python-2.6.2-config.patch to remove downstream customization of build of pyexpat and elementtree modules\n\n - add patch adapted from upstream (patch 3) to add support for building against system expat; add\n --with-system-expat to 'configure' invocation (patch 3)\n\n - remove embedded copy of expat from source tree during 'prep'\n\n - Mon Jan 25 2010 David Malcolm <dmalcolm at redhat.com>\n - 2.6.2-5\n\n - replace 'define' with 'global' throughout\n\n - introduce macros for 3 directories, replacing expanded references throughout: %{pylibdir}, %{dynload_dir}, %{site_packages}\n\n - explicitly list all lib-dynload files, rather than dynamically gathering the payload into a temporary text file, so that we can be sure what we are shipping;\n remove now-redundant testing for presence of certain .so files\n\n - remove embedded copy of libffi and zlib from source tree before building\n\n - Mon Jan 25 2010 David Malcolm <dmalcolm at redhat.com>\n - 2.6.2-4\n\n - change python-2.6.2-config.patch to remove our downstream change to curses configuration in Modules/Setup.dist, so that the curses modules are built using setup.py with the downstream default (linking against libncursesw.so, rather than libncurses.so), rather than within the Makefile; add a test to %install to verify the dso files that the curses module is linked against the correct DSO (bug 539917; changes _cursesmodule.so -> _curses.so)\n\n - Fri Jan 8 2010 David Malcolm <dmalcolm at redhat.com> - 2.6.2-3\n\n - fix Lib/SocketServer.py to avoid trying to use non-existent keyword args for os.waitpid (patch 52, rhbz:552404, Adrian Reber)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-07-06T00:00:00", "type": "nessus", "title": "Fedora 12 : python-2.6.2-8.fc12 (2010-9565)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5983", "CVE-2010-1634", "CVE-2010-2089"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-9565.NASL", "href": "https://www.tenable.com/plugins/nessus/47600", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-9565.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47600);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-5983\", \"CVE-2010-1634\", \"CVE-2010-2089\");\n script_bugtraq_id(40370, 40862, 40863);\n script_xref(name:\"FEDORA\", value:\"2010-9565\");\n\n script_name(english:\"Fedora 12 : python-2.6.2-8.fc12 (2010-9565)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Fri Jun 4 2010 David Malcolm <dmalcolm at redhat.com> -\n 2.6.2-8\n\n - ensure that the compiler is invoked with '-fwrapv'\n (rhbz#594819)\n\n - CVE-2010-1634: fix various integer overflow checks in\n the audioop module (patch 113)\n\n - CVE-2010-2089: further checks within the audioop module\n (patch 114)\n\n - CVE-2008-5983: the new PySys_SetArgvEx entry point\n from r81399 (patch 115)\n\n - Fri Mar 12 2010 David Malcolm <dmalcolm at redhat.com>\n - 2.6.2-7\n\n - document all patches, and remove the commented-out\n ones\n\n - Address some of the issues identified in package\n review (bug 226342) :\n\n - update libs requirement on base package to use %{name}\n for consistency's sake\n\n - convert from backticks to $() syntax throughout\n\n - wrap value of LD_LIBRARY_PATH in quotes\n\n - convert '/usr/bin/find' requirement to 'findutils'\n\n - remove trailing periods from summaries of subpackages\n\n - fix spelling mistake in description of -test\n subpackage\n\n - convert usage of $$RPM_BUILD_ROOT to %{buildroot}\n throughout, for stylistic consistency\n\n - supply dirmode arguments to defattr directives\n\n - replace references to /usr with %{_prefix}; replace\n references to /usr/include with %{_includedir}\n\n - fixup the build when __python_ver is set (Zach Sadecki;\n bug 533989); use pybasever in the files section\n\n - Mon Jan 25 2010 David Malcolm <dmalcolm at redhat.com> -\n 2.6.2-6\n\n - update python-2.6.2-config.patch to remove downstream\n customization of build of pyexpat and elementtree\n modules\n\n - add patch adapted from upstream (patch 3) to add support\n for building against system expat; add\n --with-system-expat to 'configure' invocation (patch 3)\n\n - remove embedded copy of expat from source tree during\n 'prep'\n\n - Mon Jan 25 2010 David Malcolm <dmalcolm at redhat.com>\n - 2.6.2-5\n\n - replace 'define' with 'global' throughout\n\n - introduce macros for 3 directories, replacing expanded\n references throughout: %{pylibdir}, %{dynload_dir},\n %{site_packages}\n\n - explicitly list all lib-dynload files, rather than\n dynamically gathering the payload into a temporary text\n file, so that we can be sure what we are shipping;\n remove now-redundant testing for presence of certain .so\n files\n\n - remove embedded copy of libffi and zlib from source tree\n before building\n\n - Mon Jan 25 2010 David Malcolm <dmalcolm at redhat.com>\n - 2.6.2-4\n\n - change python-2.6.2-config.patch to remove our\n downstream change to curses configuration in\n Modules/Setup.dist, so that the curses modules are\n built using setup.py with the downstream default\n (linking against libncursesw.so, rather than\n libncurses.so), rather than within the Makefile; add a\n test to %install to verify the dso files that the\n curses module is linked against the correct DSO (bug\n 539917; changes _cursesmodule.so -> _curses.so)\n\n - Fri Jan 8 2010 David Malcolm <dmalcolm at redhat.com> -\n 2.6.2-3\n\n - fix Lib/SocketServer.py to avoid trying to use\n non-existent keyword args for os.waitpid (patch 52,\n rhbz:552404, Adrian Reber)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=482814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=590690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=598197\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-July/043726.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3f0e5c1a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"python-2.6.2-8.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:51:34", "description": "- Backport from F14: - Fix for lone surrogates, utf8 and certain encode error handlers. - Fix an incompatibility between pyexpat and the system expat-2.0.1 that led to a segfault running test_pyexpat.py (patch 110; upstream issue 9054; rhbz#610312)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2010-09-04T00:00:00", "type": "nessus", "title": "Fedora 13 : python3-3.1.2-7.fc13 (2010-13388)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5983", "CVE-2010-1634", "CVE-2010-2089"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python3", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2010-13388.NASL", "href": "https://www.tenable.com/plugins/nessus/49107", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-13388.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49107);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-5983\", \"CVE-2010-1634\", \"CVE-2010-2089\");\n script_bugtraq_id(40370, 40862, 40863);\n script_xref(name:\"FEDORA\", value:\"2010-13388\");\n\n script_name(english:\"Fedora 13 : python3-3.1.2-7.fc13 (2010-13388)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Backport from F14: - Fix for lone surrogates, utf8 and\n certain encode error handlers. - Fix an incompatibility\n between pyexpat and the system expat-2.0.1 that led to a\n segfault running test_pyexpat.py (patch 110; upstream\n issue 9054; rhbz#610312)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=482814\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=590690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=598197\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-September/047008.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?48b4c43f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"python3-3.1.2-7.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:14", "description": "It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. (CVE-2008-5983)\n\nIt was discovered that the audioop module did not correctly perform input validation. If a user or automated system were tricked into opening a crafted audio file, an attacker could cause a denial of service via application crash. (CVE-2010-1634, CVE-2010-2089)\n\nGiampaolo Rodola discovered several race conditions in the smtpd module. A remote attacker could exploit this to cause a denial of service via daemon outage. (CVE-2010-3493)\n\nIt was discovered that the CGIHTTPServer module did not properly perform input validation on certain HTTP GET requests. A remote attacker could potentially obtain access to CGI script source files.\n(CVE-2011-1015)\n\nNiels Heinen discovered that the urllib and urllib2 modules would process Location headers that specify a redirection to file: URLs. A remote attacker could exploit this to obtain sensitive information or cause a denial of service. This issue only affected Ubuntu 11.04.\n(CVE-2011-1521)\n\nIt was discovered that SimpleHTTPServer did not use a charset parameter in the Content-Type HTTP header. An attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks against Internet Explorer 7 users. This issue only affected Ubuntu 11.04. (CVE-2011-4940)\n\nIt was discovered that Python distutils contained a race condition when creating the ~/.pypirc file. A local attacker could exploit this to obtain sensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate its input when handling HTTP POST requests. A remote attacker could exploit this to cause a denial of service via excessive CPU utilization. (CVE-2012-0845)\n\nIt was discovered that Python was susceptible to hash algorithm attacks. An attacker could cause a denial of service under certian circumstances. This update adds the '-R' command line option and honors setting the PYTHONHASHSEED environment variable to 'random' to salt str and datetime objects with an unpredictable value.\n(CVE-2012-1150).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-10-05T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 11.04 / 11.10 : python2.6 vulnerabilities (USN-1596-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5983", "CVE-2010-1634", "CVE-2010-2089", "CVE-2010-3493", "CVE-2011-1015", "CVE-2011-1521", "CVE-2011-4940", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-1150"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python2.6", "p-cpe:/a:canonical:ubuntu_linux:python2.6-minimal", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:11.10"], "id": "UBUNTU_USN-1596-1.NASL", "href": "https://www.tenable.com/plugins/nessus/62436", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1596-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62436);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2008-5983\", \"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3493\", \"CVE-2011-1015\", \"CVE-2011-1521\", \"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_xref(name:\"USN\", value:\"1596-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.04 / 11.10 : python2.6 vulnerabilities (USN-1596-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Python would prepend an empty string to\nsys.path under certain circumstances. A local attacker with write\naccess to the current working directory could exploit this to execute\narbitrary code. (CVE-2008-5983)\n\nIt was discovered that the audioop module did not correctly perform\ninput validation. If a user or automated system were tricked into\nopening a crafted audio file, an attacker could cause a denial of\nservice via application crash. (CVE-2010-1634, CVE-2010-2089)\n\nGiampaolo Rodola discovered several race conditions in the smtpd\nmodule. A remote attacker could exploit this to cause a denial of\nservice via daemon outage. (CVE-2010-3493)\n\nIt was discovered that the CGIHTTPServer module did not properly\nperform input validation on certain HTTP GET requests. A remote\nattacker could potentially obtain access to CGI script source files.\n(CVE-2011-1015)\n\nNiels Heinen discovered that the urllib and urllib2 modules would\nprocess Location headers that specify a redirection to file: URLs. A\nremote attacker could exploit this to obtain sensitive information or\ncause a denial of service. This issue only affected Ubuntu 11.04.\n(CVE-2011-1521)\n\nIt was discovered that SimpleHTTPServer did not use a charset\nparameter in the Content-Type HTTP header. An attacker could\npotentially exploit this to conduct cross-site scripting (XSS) attacks\nagainst Internet Explorer 7 users. This issue only affected Ubuntu\n11.04. (CVE-2011-4940)\n\nIt was discovered that Python distutils contained a race condition\nwhen creating the ~/.pypirc file. A local attacker could exploit this\nto obtain sensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate\nits input when handling HTTP POST requests. A remote attacker could\nexploit this to cause a denial of service via excessive CPU\nutilization. (CVE-2012-0845)\n\nIt was discovered that Python was susceptible to hash algorithm\nattacks. An attacker could cause a denial of service under certian\ncircumstances. This update adds the '-R' command line option and\nhonors setting the PYTHONHASHSEED environment variable to 'random' to\nsalt str and datetime objects with an unpredictable value.\n(CVE-2012-1150).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1596-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python2.6 and / or python2.6-minimal packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.6-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|11\\.04|11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.04 / 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"python2.6\", pkgver:\"2.6.5-1ubuntu6.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"python2.6-minimal\", pkgver:\"2.6.5-1ubuntu6.1\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"python2.6\", pkgver:\"2.6.6-6ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"python2.6-minimal\", pkgver:\"2.6.6-6ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"python2.6\", pkgver:\"2.6.7-4ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"python2.6-minimal\", pkgver:\"2.6.7-4ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python2.6 / python2.6-minimal\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:23:53", "description": "A denial of service flaw was found in the implementation of associative arrays (dictionaries) in Python. An attacker able to supply a large number of inputs to a Python application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break applications that incorrectly depend on dictionary ordering. To enable the protection, the new 'PYTHONHASHSEED' environment variable or the Python interpreter's '-R' command line option can be used. Refer to the python(1) manual page for details.\n\nA flaw was found in the way the Python SimpleXMLRPCServer module handled clients disconnecting prematurely. A remote attacker could use this flaw to cause excessive CPU consumption on a server using SimpleXMLRPCServer. (CVE-2012-0845)\n\nA flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially crafted name to a server could possibly perform a cross-site scripting (XSS) attack against victims visiting a listing page generated by SimpleHTTPServer, for a directory containing the crafted file (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user's .pypirc file, which can contain usernames and passwords for code repositories. (CVE-2011-4944)", "cvss3": {}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : python26 (ALAS-2012-98)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4940", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-1150"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python26", "p-cpe:/a:amazon:linux:python26-debuginfo", "p-cpe:/a:amazon:linux:python26-devel", "p-cpe:/a:amazon:linux:python26-libs", "p-cpe:/a:amazon:linux:python26-test", "p-cpe:/a:amazon:linux:python26-tools", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-98.NASL", "href": "https://www.tenable.com/plugins/nessus/69705", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-98.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69705);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_xref(name:\"ALAS\", value:\"2012-98\");\n script_xref(name:\"RHSA\", value:\"2012:0744\");\n\n script_name(english:\"Amazon Linux AMI : python26 (ALAS-2012-98)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was found in the implementation of\nassociative arrays (dictionaries) in Python. An attacker able to\nsupply a large number of inputs to a Python application (such as HTTP\nPOST request parameters sent to a web application) that are used as\nkeys when inserting data into an array could trigger multiple hash\nfunction collisions, making array operations take an excessive amount\nof CPU time. To mitigate this issue, randomization has been added to\nthe hash function to reduce the chance of an attacker successfully\ncausing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break\napplications that incorrectly depend on dictionary ordering. To enable\nthe protection, the new 'PYTHONHASHSEED' environment variable or the\nPython interpreter's '-R' command line option can be used. Refer to\nthe python(1) manual page for details.\n\nA flaw was found in the way the Python SimpleXMLRPCServer module\nhandled clients disconnecting prematurely. A remote attacker could use\nthis flaw to cause excessive CPU consumption on a server using\nSimpleXMLRPCServer. (CVE-2012-0845)\n\nA flaw was found in the way the Python SimpleHTTPServer module\ngenerated directory listings. An attacker able to upload a file with a\nspecially crafted name to a server could possibly perform a cross-site\nscripting (XSS) attack against victims visiting a listing page\ngenerated by SimpleHTTPServer, for a directory containing the crafted\nfile (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories. (CVE-2011-4944)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-98.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update python26' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"python26-2.6.8-2.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python26-debuginfo-2.6.8-2.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python26-devel-2.6.8-2.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python26-libs-2.6.8-2.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python26-test-2.6.8-2.28.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python26-tools-2.6.8-2.28.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python26 / python26-debuginfo / python26-devel / python26-libs / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:15", "description": "4 vulnerabilities were discovered for the python (2.7) and python3 packages in openSUSE versions 11.4 and 12.1.", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : python (openSUSE-SU-2012:0667-1) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-1150"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpython2_7-1_0", "p-cpe:/a:novell:opensuse:libpython2_7-1_0-32bit", "p-cpe:/a:novell:opensuse:libpython2_7-1_0-debuginfo", "p-cpe:/a:novell:opensuse:libpython2_7-1_0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libpython3_2mu1_0", "p-cpe:/a:novell:opensuse:libpython3_2mu1_0-32bit", "p-cpe:/a:novell:opensuse:libpython3_2mu1_0-debuginfo", "p-cpe:/a:novell:opensuse:libpython3_2mu1_0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:python-base", "p-cpe:/a:novell:opensuse:python-base-32bit", "p-cpe:/a:novell:opensuse:python-base-debuginfo", "p-cpe:/a:novell:opensuse:python-base-debuginfo-32bit", "p-cpe:/a:novell:opensuse:python-base-debugsource", "p-cpe:/a:novell:opensuse:python-devel", "p-cpe:/a:novell:opensuse:python-doc-pdf", "p-cpe:/a:novell:opensuse:python-xml", "p-cpe:/a:novell:opensuse:python-xml-debuginfo", "p-cpe:/a:novell:opensuse:python3-2to3", "p-cpe:/a:novell:opensuse:python3-base", "p-cpe:/a:novell:opensuse:python3-base-debuginfo", "p-cpe:/a:novell:opensuse:python3-base-debugsource", "p-cpe:/a:novell:opensuse:python3-devel", "p-cpe:/a:novell:opensuse:python3-devel-debuginfo", "p-cpe:/a:novell:opensuse:python3-doc-pdf", "p-cpe:/a:novell:opensuse:python3-idle", "p-cpe:/a:novell:opensuse:python3-tools", "p-cpe:/a:novell:opensuse:python3-xml", "p-cpe:/a:novell:opensuse:python3-xml-debuginfo", "cpe:/o:novell:opensuse:12.1"], "id": "OPENSUSE-2012-302.NASL", "href": "https://www.tenable.com/plugins/nessus/74640", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-302.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74640);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2011-3389\",\n \"CVE-2011-4944\",\n \"CVE-2012-0845\",\n \"CVE-2012-1150\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"openSUSE Security Update : python (openSUSE-SU-2012:0667-1) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"4 vulnerabilities were discovered for the python (2.7) and python3\npackages in openSUSE versions 11.4 and 12.1.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=747125\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=751718\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=754447\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=754677\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.opensuse.org/opensuse-updates/2012-05/msg00048.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython2_7-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython2_7-1_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython2_7-1_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython2_7-1_0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython3_2mu1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython3_2mu1_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython3_2mu1_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython3_2mu1_0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-base-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-base-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-base-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-xml-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-2to3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-base-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-xml-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libpython2_7-1_0-2.7.2-7.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libpython2_7-1_0-debuginfo-2.7.2-7.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libpython3_2mu1_0-3.2.1-5.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libpython3_2mu1_0-debuginfo-3.2.1-5.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python-base-2.7.2-7.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python-base-debuginfo-2.7.2-7.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python-base-debugsource-2.7.2-7.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python-devel-2.7.2-7.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python-doc-pdf-2.7-7.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python-xml-2.7.2-7.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python-xml-debuginfo-2.7.2-7.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-2to3-3.2.1-5.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-base-3.2.1-5.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-base-debuginfo-3.2.1-5.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-base-debugsource-3.2.1-5.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-devel-3.2.1-5.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-devel-debuginfo-3.2.1-5.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-doc-pdf-3.2-5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-idle-3.2.1-5.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-tools-3.2.1-5.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-xml-3.2.1-5.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-xml-debuginfo-3.2.1-5.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libpython2_7-1_0-32bit-2.7.2-7.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libpython2_7-1_0-debuginfo-32bit-2.7.2-7.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libpython3_2mu1_0-32bit-3.2.1-5.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libpython3_2mu1_0-debuginfo-32bit-3.2.1-5.6.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"python-base-32bit-2.7.2-7.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"python-base-debuginfo-32bit-2.7.2-7.14.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpython2_7-1_0 / libpython2_7-1_0-32bit / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:15", "description": "Python is an interpreted, interactive, object-oriented programming language.\n\nA denial of service flaw was found in the implementation of associative arrays (dictionaries) in Python. An attacker able to supply a large number of inputs to a Python application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break applications that incorrectly depend on dictionary ordering. To enable the protection, the new 'PYTHONHASHSEED' environment variable or the Python interpreter's '-R' command line option can be used. Refer to the python(1) manual page for details.\n\nThe previous expat erratum must be installed with this update, which adds hash randomization to the Expat library used by the Python pyexpat module.\n\nA flaw was found in the way the Python SimpleXMLRPCServer module handled clients disconnecting prematurely. A remote attacker could use this flaw to cause excessive CPU consumption on a server using SimpleXMLRPCServer. (CVE-2012-0845)\n\nA flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially crafted name to a server could possibly perform a cross-site scripting (XSS) attack against victims visiting a listing page generated by SimpleHTTPServer, for a directory containing the crafted file (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user's .pypirc file, which can contain usernames and passwords for code repositories. (CVE-2011-4944)\n\nAll Python users should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : python on SL6.x i386/x86_64 (20120618)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4940", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-1150"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:python", "p-cpe:/a:fermilab:scientific_linux:python-debuginfo", "p-cpe:/a:fermilab:scientific_linux:python-devel", "p-cpe:/a:fermilab:scientific_linux:python-libs", "p-cpe:/a:fermilab:scientific_linux:python-test", "p-cpe:/a:fermilab:scientific_linux:python-tools", "p-cpe:/a:fermilab:scientific_linux:tkinter", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120618_PYTHON_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61333", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61333);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n\n script_name(english:\"Scientific Linux Security Update : python on SL6.x i386/x86_64 (20120618)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Python is an interpreted, interactive, object-oriented programming\nlanguage.\n\nA denial of service flaw was found in the implementation of\nassociative arrays (dictionaries) in Python. An attacker able to\nsupply a large number of inputs to a Python application (such as HTTP\nPOST request parameters sent to a web application) that are used as\nkeys when inserting data into an array could trigger multiple hash\nfunction collisions, making array operations take an excessive amount\nof CPU time. To mitigate this issue, randomization has been added to\nthe hash function to reduce the chance of an attacker successfully\ncausing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break\napplications that incorrectly depend on dictionary ordering. To enable\nthe protection, the new 'PYTHONHASHSEED' environment variable or the\nPython interpreter's '-R' command line option can be used. Refer to\nthe python(1) manual page for details.\n\nThe previous expat erratum must be installed with this update, which\nadds hash randomization to the Expat library used by the Python\npyexpat module.\n\nA flaw was found in the way the Python SimpleXMLRPCServer module\nhandled clients disconnecting prematurely. A remote attacker could use\nthis flaw to cause excessive CPU consumption on a server using\nSimpleXMLRPCServer. (CVE-2012-0845)\n\nA flaw was found in the way the Python SimpleHTTPServer module\ngenerated directory listings. An attacker able to upload a file with a\nspecially crafted name to a server could possibly perform a cross-site\nscripting (XSS) attack against victims visiting a listing page\ngenerated by SimpleHTTPServer, for a directory containing the crafted\nfile (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories. (CVE-2011-4944)\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1206&L=scientific-linux-errata&T=0&P=2093\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?04e020fb\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"python-2.6.6-29.el6_2.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-debuginfo-2.6.6-29.el6_2.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-devel-2.6.6-29.el6_2.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-libs-2.6.6-29.el6_2.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-test-2.6.6-29.el6_2.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-tools-2.6.6-29.el6_2.2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"tkinter-2.6.6-29.el6_2.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-debuginfo / python-devel / python-libs / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:26:20", "description": "From Red Hat Security Advisory 2012:0744 :\n\nUpdated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming language.\n\nA denial of service flaw was found in the implementation of associative arrays (dictionaries) in Python. An attacker able to supply a large number of inputs to a Python application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break applications that incorrectly depend on dictionary ordering. To enable the protection, the new 'PYTHONHASHSEED' environment variable or the Python interpreter's '-R' command line option can be used. Refer to the python(1) manual page for details.\n\nThe RHSA-2012:0731 expat erratum must be installed with this update, which adds hash randomization to the Expat library used by the Python pyexpat module.\n\nA flaw was found in the way the Python SimpleXMLRPCServer module handled clients disconnecting prematurely. A remote attacker could use this flaw to cause excessive CPU consumption on a server using SimpleXMLRPCServer. (CVE-2012-0845)\n\nA flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially crafted name to a server could possibly perform a cross-site scripting (XSS) attack against victims visiting a listing page generated by SimpleHTTPServer, for a directory containing the crafted file (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user's .pypirc file, which can contain usernames and passwords for code repositories. (CVE-2011-4944)\n\nRed Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters of CVE-2012-1150.\n\nAll Python users should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : python (ELSA-2012-0744)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4940", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-1150"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:python", "p-cpe:/a:oracle:linux:python-devel", "p-cpe:/a:oracle:linux:python-libs", "p-cpe:/a:oracle:linux:python-test", "p-cpe:/a:oracle:linux:python-tools", "p-cpe:/a:oracle:linux:tkinter", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2012-0744.NASL", "href": "https://www.tenable.com/plugins/nessus/68545", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0744 and \n# Oracle Linux Security Advisory ELSA-2012-0744 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68545);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_bugtraq_id(51239, 51996, 52379, 52732);\n script_xref(name:\"RHSA\", value:\"2012:0744\");\n\n script_name(english:\"Oracle Linux 6 : python (ELSA-2012-0744)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:0744 :\n\nUpdated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nA denial of service flaw was found in the implementation of\nassociative arrays (dictionaries) in Python. An attacker able to\nsupply a large number of inputs to a Python application (such as HTTP\nPOST request parameters sent to a web application) that are used as\nkeys when inserting data into an array could trigger multiple hash\nfunction collisions, making array operations take an excessive amount\nof CPU time. To mitigate this issue, randomization has been added to\nthe hash function to reduce the chance of an attacker successfully\ncausing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break\napplications that incorrectly depend on dictionary ordering. To enable\nthe protection, the new 'PYTHONHASHSEED' environment variable or the\nPython interpreter's '-R' command line option can be used. Refer to\nthe python(1) manual page for details.\n\nThe RHSA-2012:0731 expat erratum must be installed with this update,\nwhich adds hash randomization to the Expat library used by the Python\npyexpat module.\n\nA flaw was found in the way the Python SimpleXMLRPCServer module\nhandled clients disconnecting prematurely. A remote attacker could use\nthis flaw to cause excessive CPU consumption on a server using\nSimpleXMLRPCServer. (CVE-2012-0845)\n\nA flaw was found in the way the Python SimpleHTTPServer module\ngenerated directory listings. An attacker able to upload a file with a\nspecially crafted name to a server could possibly perform a cross-site\nscripting (XSS) attack against victims visiting a listing page\ngenerated by SimpleHTTPServer, for a directory containing the crafted\nfile (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories. (CVE-2011-4944)\n\nRed Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT\nacknowledges Julian Walde and Alexander Klink as the original\nreporters of CVE-2012-1150.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-June/002866.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"python-2.6.6-29.el6_2.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-devel-2.6.6-29.el6_2.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-libs-2.6.6-29.el6_2.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-test-2.6.6-29.el6_2.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-tools-2.6.6-29.el6_2.2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"tkinter-2.6.6-29.el6_2.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-devel / python-libs / python-test / python-tools / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:53", "description": "Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming language.\n\nA denial of service flaw was found in the implementation of associative arrays (dictionaries) in Python. An attacker able to supply a large number of inputs to a Python application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break applications that incorrectly depend on dictionary ordering. To enable the protection, the new 'PYTHONHASHSEED' environment variable or the Python interpreter's '-R' command line option can be used. Refer to the python(1) manual page for details.\n\nThe RHSA-2012:0731 expat erratum must be installed with this update, which adds hash randomization to the Expat library used by the Python pyexpat module.\n\nA flaw was found in the way the Python SimpleXMLRPCServer module handled clients disconnecting prematurely. A remote attacker could use this flaw to cause excessive CPU consumption on a server using SimpleXMLRPCServer. (CVE-2012-0845)\n\nA flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially crafted name to a server could possibly perform a cross-site scripting (XSS) attack against victims visiting a listing page generated by SimpleHTTPServer, for a directory containing the crafted file (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user's .pypirc file, which can contain usernames and passwords for code repositories. (CVE-2011-4944)\n\nRed Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters of CVE-2012-1150.\n\nAll Python users should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2012-06-19T00:00:00", "type": "nessus", "title": "RHEL 6 : python (RHSA-2012:0744)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4940", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-1150"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python", "p-cpe:/a:redhat:enterprise_linux:python-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-devel", "p-cpe:/a:redhat:enterprise_linux:python-libs", "p-cpe:/a:redhat:enterprise_linux:python-test", "p-cpe:/a:redhat:enterprise_linux:python-tools", "p-cpe:/a:redhat:enterprise_linux:tkinter", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.2"], "id": "REDHAT-RHSA-2012-0744.NASL", "href": "https://www.tenable.com/plugins/nessus/59563", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0744. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59563);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_bugtraq_id(51239, 51996, 52732);\n script_xref(name:\"RHSA\", value:\"2012:0744\");\n\n script_name(english:\"RHEL 6 : python (RHSA-2012:0744)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nA denial of service flaw was found in the implementation of\nassociative arrays (dictionaries) in Python. An attacker able to\nsupply a large number of inputs to a Python application (such as HTTP\nPOST request parameters sent to a web application) that are used as\nkeys when inserting data into an array could trigger multiple hash\nfunction collisions, making array operations take an excessive amount\nof CPU time. To mitigate this issue, randomization has been added to\nthe hash function to reduce the chance of an attacker successfully\ncausing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break\napplications that incorrectly depend on dictionary ordering. To enable\nthe protection, the new 'PYTHONHASHSEED' environment variable or the\nPython interpreter's '-R' command line option can be used. Refer to\nthe python(1) manual page for details.\n\nThe RHSA-2012:0731 expat erratum must be installed with this update,\nwhich adds hash randomization to the Expat library used by the Python\npyexpat module.\n\nA flaw was found in the way the Python SimpleXMLRPCServer module\nhandled clients disconnecting prematurely. A remote attacker could use\nthis flaw to cause excessive CPU consumption on a server using\nSimpleXMLRPCServer. (CVE-2012-0845)\n\nA flaw was found in the way the Python SimpleHTTPServer module\ngenerated directory listings. An attacker able to upload a file with a\nspecially crafted name to a server could possibly perform a cross-site\nscripting (XSS) attack against victims visiting a listing page\ngenerated by SimpleHTTPServer, for a directory containing the crafted\nfile (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories. (CVE-2011-4944)\n\nRed Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT\nacknowledges Julian Walde and Alexander Klink as the original\nreporters of CVE-2012-1150.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n # http://www.ocert.org/advisories/ocert-2011-003.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://ocert.org/advisories/ocert-2011-003.html\"\n );\n # https://rhn.redhat.com/errata/RHSA-2012-0731.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0731\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0744\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1150\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4944\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0845\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4940\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0744\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-debuginfo-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-debuginfo-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-debuginfo-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-devel-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-devel-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-devel-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-libs-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-libs-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-libs-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-test-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-test-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-test-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-tools-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-tools-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-tools-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"tkinter-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"tkinter-2.6.6-29.el6_2.2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"tkinter-2.6.6-29.el6_2.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-debuginfo / python-devel / python-libs / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:43", "description": "Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming language.\n\nA denial of service flaw was found in the implementation of associative arrays (dictionaries) in Python. An attacker able to supply a large number of inputs to a Python application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break applications that incorrectly depend on dictionary ordering. To enable the protection, the new 'PYTHONHASHSEED' environment variable or the Python interpreter's '-R' command line option can be used. Refer to the python(1) manual page for details.\n\nThe RHSA-2012:0731 expat erratum must be installed with this update, which adds hash randomization to the Expat library used by the Python pyexpat module.\n\nA flaw was found in the way the Python SimpleXMLRPCServer module handled clients disconnecting prematurely. A remote attacker could use this flaw to cause excessive CPU consumption on a server using SimpleXMLRPCServer. (CVE-2012-0845)\n\nA flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially crafted name to a server could possibly perform a cross-site scripting (XSS) attack against victims visiting a listing page generated by SimpleHTTPServer, for a directory containing the crafted file (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user's .pypirc file, which can contain usernames and passwords for code repositories. (CVE-2011-4944)\n\nRed Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters of CVE-2012-1150.\n\nAll Python users should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2012-06-20T00:00:00", "type": "nessus", "title": "CentOS 6 : python (CESA-2012:0744)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4940", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-1150"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:python", "p-cpe:/a:centos:centos:python-devel", "p-cpe:/a:centos:centos:python-libs", "p-cpe:/a:centos:centos:python-test", "p-cpe:/a:centos:centos:python-tools", "p-cpe:/a:centos:centos:tkinter", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2012-0744.NASL", "href": "https://www.tenable.com/plugins/nessus/59570", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0744 and \n# CentOS Errata and Security Advisory 2012:0744 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59570);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_bugtraq_id(51239, 51996, 52732);\n script_xref(name:\"RHSA\", value:\"2012:0744\");\n\n script_name(english:\"CentOS 6 : python (CESA-2012:0744)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nA denial of service flaw was found in the implementation of\nassociative arrays (dictionaries) in Python. An attacker able to\nsupply a large number of inputs to a Python application (such as HTTP\nPOST request parameters sent to a web application) that are used as\nkeys when inserting data into an array could trigger multiple hash\nfunction collisions, making array operations take an excessive amount\nof CPU time. To mitigate this issue, randomization has been added to\nthe hash function to reduce the chance of an attacker successfully\ncausing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break\napplications that incorrectly depend on dictionary ordering. To enable\nthe protection, the new 'PYTHONHASHSEED' environment variable or the\nPython interpreter's '-R' command line option can be used. Refer to\nthe python(1) manual page for details.\n\nThe RHSA-2012:0731 expat erratum must be installed with this update,\nwhich adds hash randomization to the Expat library used by the Python\npyexpat module.\n\nA flaw was found in the way the Python SimpleXMLRPCServer module\nhandled clients disconnecting prematurely. A remote attacker could use\nthis flaw to cause excessive CPU consumption on a server using\nSimpleXMLRPCServer. (CVE-2012-0845)\n\nA flaw was found in the way the Python SimpleHTTPServer module\ngenerated directory listings. An attacker able to upload a file with a\nspecially crafted name to a server could possibly perform a cross-site\nscripting (XSS) attack against victims visiting a listing page\ngenerated by SimpleHTTPServer, for a directory containing the crafted\nfile (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories. (CVE-2011-4944)\n\nRed Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT\nacknowledges Julian Walde and Alexander Klink as the original\nreporters of CVE-2012-1150.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-June/018693.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5daf518b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-0845\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"python-2.6.6-29.el6_2.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"python-devel-2.6.6-29.el6_2.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"python-libs-2.6.6-29.el6_2.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"python-test-2.6.6-29.el6_2.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"python-tools-2.6.6-29.el6_2.2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"tkinter-2.6.6-29.el6_2.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-devel / python-libs / python-test / python-tools / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:28:40", "description": "Multiple vulnerabilities has been discovered and corrected in python :\n\nThe _ssl module would always disable the CBC IV attack countermeasure (CVE-2011-3389).\n\nA race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user's .pypirc file, which can contain usernames and passwords for code repositories (CVE-2011-4944).\n\nA flaw was found in the way the Python SimpleXMLRPCServer module handled clients disconnecting prematurely. A remote attacker could use this flaw to cause excessive CPU consumption on a server using SimpleXMLRPCServer (CVE-2012-0845).\n\nHash table collisions CPU usage DoS for the embedded copy of expat (CVE-2012-0876).\n\nA denial of service flaw was found in the implementation of associative arrays (dictionaries) in Python. An attacker able to supply a large number of inputs to a Python application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions (CVE-2012-1150).\n\nThe updated packages have been patched to correct these issues.", "cvss3": {}, "published": "2012-09-06T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : python (MDVSA-2012:097)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-0876", "CVE-2012-1150"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:tkinter-apps", "cpe:/o:mandriva:linux:2011", "p-cpe:/a:mandriva:linux:lib64python-devel", "p-cpe:/a:mandriva:linux:lib64python2.7", "p-cpe:/a:mandriva:linux:libpython-devel", "p-cpe:/a:mandriva:linux:libpython2.7", "p-cpe:/a:mandriva:linux:python"], "id": "MANDRIVA_MDVSA-2012-097.NASL", "href": "https://www.tenable.com/plugins/nessus/61956", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:097. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61956);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2011-3389\",\n \"CVE-2011-4944\",\n \"CVE-2012-0845\",\n \"CVE-2012-0876\",\n \"CVE-2012-1150\"\n );\n script_bugtraq_id(\n 49778,\n 51239,\n 51996,\n 52379,\n 52732\n );\n script_xref(name:\"MDVSA\", value:\"2012:097\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2012:097)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Multiple vulnerabilities has been discovered and corrected in python :\n\nThe _ssl module would always disable the CBC IV attack countermeasure\n(CVE-2011-3389).\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories (CVE-2011-4944).\n\nA flaw was found in the way the Python SimpleXMLRPCServer module\nhandled clients disconnecting prematurely. A remote attacker could use\nthis flaw to cause excessive CPU consumption on a server using\nSimpleXMLRPCServer (CVE-2012-0845).\n\nHash table collisions CPU usage DoS for the embedded copy of expat\n(CVE-2012-0876).\n\nA denial of service flaw was found in the implementation of\nassociative arrays (dictionaries) in Python. An attacker able to\nsupply a large number of inputs to a Python application (such as HTTP\nPOST request parameters sent to a web application) that are used as\nkeys when inserting data into an array could trigger multiple hash\nfunction collisions, making array operations take an excessive amount\nof CPU time. To mitigate this issue, randomization has been added to\nthe hash function to reduce the chance of an attacker successfully\ncausing intentional collisions (CVE-2012-1150).\n\nThe updated packages have been patched to correct these issues.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libpython-devel-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libpython2.7-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"python-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"python-docs-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"tkinter-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"tkinter-apps-2.7.2-2.2-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:32:22", "description": "This update to python 2.6.8 fixes the following bugs, among others :\n\n - XMLRPC Server DoS. (CVE-2012-0845, bnc#747125)\n\n - hash randomization issues. (CVE-2012-1150, bnc#751718)\n\n - insecure creation of .pypirc. (CVE-2011-4944, bnc#754447)\n\n - SimpleHTTPServer XSS. (CVE-2011-1015, bnc#752375)\n\n - functions can accept unicode kwargs. (bnc#744287)\n\n - python MainThread lacks ident. (bnc#754547)\n\n - TypeError: waitpid() takes no keyword arguments.\n (bnc#751714)\n\n - Source code exposure in CGIHTTPServer module.\n (CVE-2011-1015, bnc#674646)\n\n - Insecure redirect processing in urllib2 (CVE-2011-1521, bnc#682554) The hash randomization fix is by default disabled to keep compatibility with existing python code when it extracts hashes.\n\nTo enable the hash seed randomization you can use: - pass -R to the python interpreter commandline. - set the environment variable PYTHONHASHSEED=random to enable it for programs. You can also set this environment variable to a fixed hash seed by specifying a integer value between 0 and MAX_UINT.\n\nIn generally enabling this is only needed when malicious third parties can inject values into your hash tables.\n\nThe update to 2.6.8 also provides many compatibility fixes with OpenStack.", "cvss3": {}, "published": "2013-01-25T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : libpython2_6-1_0, libpython2_6-1_0-32bit, libpython2_6-1_0-x86, python, etc (SAT Patch Number 6310)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1015", "CVE-2011-1521", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-1150"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0", "p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0-32bit", "p-cpe:/a:novell:suse_linux:11:python", "p-cpe:/a:novell:suse_linux:11:python-32bit", "p-cpe:/a:novell:suse_linux:11:python-base", "p-cpe:/a:novell:suse_linux:11:python-base-32bit", "p-cpe:/a:novell:suse_linux:11:python-curses", "p-cpe:/a:novell:suse_linux:11:python-demo", "p-cpe:/a:novell:suse_linux:11:python-devel", "p-cpe:/a:novell:suse_linux:11:python-doc", "p-cpe:/a:novell:suse_linux:11:python-doc-pdf", "p-cpe:/a:novell:suse_linux:11:python-gdbm", "p-cpe:/a:novell:suse_linux:11:python-idle", "p-cpe:/a:novell:suse_linux:11:python-tk", "p-cpe:/a:novell:suse_linux:11:python-xml", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_PYTHON-RANDOMISATION-UPDATE-120516.NASL", "href": "https://www.tenable.com/plugins/nessus/64220", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64220);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-1015\", \"CVE-2011-1521\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n\n script_name(english:\"SuSE 11.1 Security Update : libpython2_6-1_0, libpython2_6-1_0-32bit, libpython2_6-1_0-x86, python, etc (SAT Patch Number 6310)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update to python 2.6.8 fixes the following bugs, among others :\n\n - XMLRPC Server DoS. (CVE-2012-0845, bnc#747125)\n\n - hash randomization issues. (CVE-2012-1150, bnc#751718)\n\n - insecure creation of .pypirc. (CVE-2011-4944,\n bnc#754447)\n\n - SimpleHTTPServer XSS. (CVE-2011-1015, bnc#752375)\n\n - functions can accept unicode kwargs. (bnc#744287)\n\n - python MainThread lacks ident. (bnc#754547)\n\n - TypeError: waitpid() takes no keyword arguments.\n (bnc#751714)\n\n - Source code exposure in CGIHTTPServer module.\n (CVE-2011-1015, bnc#674646)\n\n - Insecure redirect processing in urllib2 (CVE-2011-1521,\n bnc#682554) The hash randomization fix is by default\n disabled to keep compatibility with existing python code\n when it extracts hashes.\n\nTo enable the hash seed randomization you can use: - pass -R to the\npython interpreter commandline. - set the environment variable\nPYTHONHASHSEED=random to enable it for programs. You can also set this\nenvironment variable to a fixed hash seed by specifying a integer\nvalue between 0 and MAX_UINT.\n\nIn generally enabling this is only needed when malicious third parties\ncan inject values into your hash tables.\n\nThe update to 2.6.8 also provides many compatibility fixes with\nOpenStack.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=744287\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=747125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=748079\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=751714\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=751718\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=752375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754447\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754547\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1015.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1521.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-4944.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0845.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-1150.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 6310.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-base-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-curses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-gdbm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libpython2_6-1_0-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libpython2_6-1_0-32bit-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"python-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"python-base-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"python-base-32bit-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"python-curses-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"python-devel-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"python-tk-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"python-xml-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"libpython2_6-1_0-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"libpython2_6-1_0-32bit-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"python-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"python-32bit-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"python-base-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"python-base-32bit-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"python-curses-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"python-demo-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"python-doc-2.6-8.13.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"python-doc-pdf-2.6-8.13.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"python-gdbm-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"python-idle-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"python-tk-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"python-xml-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"libpython2_6-1_0-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"libpython2_6-1_0-32bit-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"python-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"python-32bit-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"python-base-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"python-base-32bit-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"python-curses-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"python-demo-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"python-doc-2.6-8.13.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"python-doc-pdf-2.6-8.13.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"python-gdbm-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"python-idle-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"python-tk-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"python-xml-2.6.8-0.13.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:32:49", "description": "This update to python 2.6.8 fixes the following bugs, among others :\n\n - XMLRPC Server DoS. (CVE-2012-0845, bnc#747125)\n\n - hash randomization issues. (CVE-2012-1150, bnc#751718)\n\n - insecure creation of .pypirc. (CVE-2011-4944, bnc#754447)\n\n - SimpleHTTPServer XSS. (CVE-2011-1015, bnc#752375)\n\n - functions can accept unicode kwargs. (bnc#744287)\n\n - python MainThread lacks ident. (bnc#754547)\n\n - TypeError: waitpid() takes no keyword arguments.\n (bnc#751714)\n\n - Source code exposure in CGIHTTPServer module.\n (CVE-2011-1015, bnc#674646)\n\n - Insecure redirect processing in urllib2 (CVE-2011-1521, bnc#682554) The hash randomization fix is by default disabled to keep compatibility with existing python code when it extracts hashes.\n\nTo enable the hash seed randomization you can use: - pass -R to the python interpreter commandline. - set the environment variable PYTHONHASHSEED=random to enable it for programs. You can also set this environment variable to a fixed hash seed by specifying a integer value between 0 and MAX_UINT.\n\nIn generally enabling this is only needed when malicious third parties can inject values into your hash tables.\n\nThe update to 2.6.8 also provides many compatibility fixes with OpenStack.", "cvss3": {}, "published": "2013-01-25T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : libpython2_6-1_0, libpython2_6-1_0-32bit, libpython2_6-1_0-x86, python, etc (SAT Patch Number 6310)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1015", "CVE-2011-1521", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-1150"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0", "p-cpe:/a:novell:suse_linux:11:python", "p-cpe:/a:novell:suse_linux:11:python-base", "p-cpe:/a:novell:suse_linux:11:python-curses", "p-cpe:/a:novell:suse_linux:11:python-demo", "p-cpe:/a:novell:suse_linux:11:python-devel", "p-cpe:/a:novell:suse_linux:11:python-doc", "p-cpe:/a:novell:suse_linux:11:python-doc-pdf", "p-cpe:/a:novell:suse_linux:11:python-gdbm", "p-cpe:/a:novell:suse_linux:11:python-idle", "p-cpe:/a:novell:suse_linux:11:python-tk", "p-cpe:/a:novell:suse_linux:11:python-xml", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_PYTHON-RANDOMISATION-UPDATE-120517.NASL", "href": "https://www.tenable.com/plugins/nessus/64221", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64221);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-1015\", \"CVE-2011-1521\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n\n script_name(english:\"SuSE 11.1 Security Update : libpython2_6-1_0, libpython2_6-1_0-32bit, libpython2_6-1_0-x86, python, etc (SAT Patch Number 6310)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update to python 2.6.8 fixes the following bugs, among others :\n\n - XMLRPC Server DoS. (CVE-2012-0845, bnc#747125)\n\n - hash randomization issues. (CVE-2012-1150, bnc#751718)\n\n - insecure creation of .pypirc. (CVE-2011-4944,\n bnc#754447)\n\n - SimpleHTTPServer XSS. (CVE-2011-1015, bnc#752375)\n\n - functions can accept unicode kwargs. (bnc#744287)\n\n - python MainThread lacks ident. (bnc#754547)\n\n - TypeError: waitpid() takes no keyword arguments.\n (bnc#751714)\n\n - Source code exposure in CGIHTTPServer module.\n (CVE-2011-1015, bnc#674646)\n\n - Insecure redirect processing in urllib2 (CVE-2011-1521,\n bnc#682554) The hash randomization fix is by default\n disabled to keep compatibility with existing python code\n when it extracts hashes.\n\nTo enable the hash seed randomization you can use: - pass -R to the\npython interpreter commandline. - set the environment variable\nPYTHONHASHSEED=random to enable it for programs. You can also set this\nenvironment variable to a fixed hash seed by specifying a integer\nvalue between 0 and MAX_UINT.\n\nIn generally enabling this is only needed when malicious third parties\ncan inject values into your hash tables.\n\nThe update to 2.6.8 also provides many compatibility fixes with\nOpenStack.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=744287\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=747125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=748079\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=751714\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=751718\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=752375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754447\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754547\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1015.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1521.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-4944.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0845.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-1150.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 6310.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-curses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-gdbm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"libpython2_6-1_0-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"python-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"python-base-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"python-curses-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"python-devel-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"python-tk-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"python-xml-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"libpython2_6-1_0-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"python-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"python-base-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"python-curses-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"python-demo-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"python-doc-2.6-8.13.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"python-doc-pdf-2.6-8.13.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"python-gdbm-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"python-idle-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"python-tk-2.6.8-0.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"python-xml-2.6.8-0.13.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:13", "description": "Niels Heinen discovered that the urllib and urllib2 modules would process Location headers that specify a redirection to file: URLs. A remote attacker could exploit this to obtain sensitive information or cause a denial of service. This issue only affected Ubuntu 11.04.\n(CVE-2011-1521)\n\nIt was discovered that SimpleHTTPServer did not use a charset parameter in the Content-Type HTTP header. An attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks against Internet Explorer 7 users. This issue only affected Ubuntu 11.04. (CVE-2011-4940)\n\nIt was discovered that Python distutils contained a race condition when creating the ~/.pypirc file. A local attacker could exploit this to obtain sensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate its input when handling HTTP POST requests. A remote attacker could exploit this to cause a denial of service via excessive CPU utilization. (CVE-2012-0845)\n\nIt was discovered that Python was susceptible to hash algorithm attacks. An attacker could cause a denial of service under certian circumstances. This update adds the '-R' command line option and honors setting the PYTHONHASHSEED environment variable to 'random' to salt str and datetime objects with an unpredictable value.\n(CVE-2012-1150).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-10-03T00:00:00", "type": "nessus", "title": "Ubuntu 11.04 / 11.10 : python2.7 vulnerabilities (USN-1592-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1521", "CVE-2011-4940", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-1150"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python2.7", "p-cpe:/a:canonical:ubuntu_linux:python2.7-minimal", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:11.10"], "id": "UBUNTU_USN-1592-1.NASL", "href": "https://www.tenable.com/plugins/nessus/62410", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1592-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62410);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2011-1521\", \"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_bugtraq_id(47024, 51239, 51996, 52732, 54083);\n script_xref(name:\"USN\", value:\"1592-1\");\n\n script_name(english:\"Ubuntu 11.04 / 11.10 : python2.7 vulnerabilities (USN-1592-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Niels Heinen discovered that the urllib and urllib2 modules would\nprocess Location headers that specify a redirection to file: URLs. A\nremote attacker could exploit this to obtain sensitive information or\ncause a denial of service. This issue only affected Ubuntu 11.04.\n(CVE-2011-1521)\n\nIt was discovered that SimpleHTTPServer did not use a charset\nparameter in the Content-Type HTTP header. An attacker could\npotentially exploit this to conduct cross-site scripting (XSS) attacks\nagainst Internet Explorer 7 users. This issue only affected Ubuntu\n11.04. (CVE-2011-4940)\n\nIt was discovered that Python distutils contained a race condition\nwhen creating the ~/.pypirc file. A local attacker could exploit this\nto obtain sensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate\nits input when handling HTTP POST requests. A remote attacker could\nexploit this to cause a denial of service via excessive CPU\nutilization. (CVE-2012-0845)\n\nIt was discovered that Python was susceptible to hash algorithm\nattacks. An attacker could cause a denial of service under certian\ncircumstances. This update adds the '-R' command line option and\nhonors setting the PYTHONHASHSEED environment variable to 'random' to\nsalt str and datetime objects with an unpredictable value.\n(CVE-2012-1150).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1592-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python2.7 and / or python2.7-minimal packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.7-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(11\\.04|11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.04 / 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.04\", pkgname:\"python2.7\", pkgver:\"2.7.1-5ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"python2.7-minimal\", pkgver:\"2.7.1-5ubuntu2.2\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"python2.7\", pkgver:\"2.7.2-5ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"python2.7-minimal\", pkgver:\"2.7.2-5ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python2.7 / python2.7-minimal\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:32", "description": "The remote host is affected by the vulnerability described in GLSA-201401-04 (Python: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could possibly cause a Denial of Service condition or perform a man-in-the-middle attack to disclose sensitive information.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2014-01-07T00:00:00", "type": "nessus", "title": "GLSA-201401-04 : Python: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1634", "CVE-2010-2089", "CVE-2010-3492", "CVE-2010-3493", "CVE-2011-1015", "CVE-2012-0845", "CVE-2012-1150", "CVE-2013-2099"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:python", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201401-04.NASL", "href": "https://www.tenable.com/plugins/nessus/71811", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201401-04.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71811);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3492\", \"CVE-2010-3493\", \"CVE-2011-1015\", \"CVE-2012-0845\", \"CVE-2012-1150\", \"CVE-2013-2099\");\n script_bugtraq_id(40370, 40863, 44533, 46541, 51239, 51996, 59877);\n script_xref(name:\"GLSA\", value:\"201401-04\");\n\n script_name(english:\"GLSA-201401-04 : Python: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201401-04\n(Python: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Python. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could possibly cause a Denial of Service condition or\n perform a man-in-the-middle attack to disclose sensitive information.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201401-04\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Python 3.3 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/python-3.3.2-r1'\n All Python 3.2 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/python-3.2.5-r1'\n All Python 2.6 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/python-2.6.8'\n All Python 2.7 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/python-2.7.3-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/05/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-lang/python\", unaffected:make_list(\"ge 3.2.5-r1\", \"ge 2.6.8\", \"ge 2.7.3-r1\", \"ge 3.3.2-r1\"), vulnerable:make_list(\"lt 3.3.2-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Python\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:23:40", "description": "It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. (CVE-2008-5983)\n\nIt was discovered that the audioop module did not correctly perform input validation. If a user or automated system were tricked into opening a crafted audio file, an attacker could cause a denial of service via application crash. (CVE-2010-1634, CVE-2010-2089)\n\nGiampaolo Rodola discovered several race conditions in the smtpd module. A remote attacker could exploit this to cause a denial of service via daemon outage. (CVE-2010-3493)\n\nIt was discovered that the CGIHTTPServer module did not properly perform input validation on certain HTTP GET requests. A remote attacker could potentially obtain access to CGI script source files.\n(CVE-2011-1015)\n\nNiels Heinen discovered that the urllib and urllib2 modules would process Location headers that specify a redirection to file: URLs. A remote attacker could exploit this to obtain sensitive information or cause a denial of service. (CVE-2011-1521)\n\nIt was discovered that SimpleHTTPServer did not use a charset parameter in the Content-Type HTTP header. An attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks against Internet Explorer 7 users. (CVE-2011-4940)\n\nIt was discovered that Python distutils contained a race condition when creating the ~/.pypirc file. A local attacker could exploit this to obtain sensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate its input when handling HTTP POST requests. A remote attacker could exploit this to cause a denial of service via excessive CPU utilization. (CVE-2012-0845)\n\nIt was discovered that the Expat module in Python 2.5 computed hash values without restricting the ability to trigger hash collisions predictably. If a user or application using pyexpat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive CPU resources. (CVE-2012-0876)\n\nTim Boddy discovered that the Expat module in Python 2.5 did not properly handle memory reallocation when processing XML files. If a user or application using pyexpat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive memory resources. (CVE-2012-1148).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-10-18T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS : python2.5 vulnerabilities (USN-1613-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5983", "CVE-2010-1634", "CVE-2010-2089", "CVE-2010-3493", "CVE-2011-1015", "CVE-2011-1521", "CVE-2011-4940", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-0876", "CVE-2012-1148"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python2.5", "p-cpe:/a:canonical:ubuntu_linux:python2.5-minimal", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-1613-1.NASL", "href": "https://www.tenable.com/plugins/nessus/62619", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1613-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62619);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2008-5983\", \"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3493\", \"CVE-2011-1015\", \"CVE-2011-1521\", \"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-0876\", \"CVE-2012-1148\");\n script_xref(name:\"USN\", value:\"1613-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS : python2.5 vulnerabilities (USN-1613-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Python would prepend an empty string to\nsys.path under certain circumstances. A local attacker with write\naccess to the current working directory could exploit this to execute\narbitrary code. (CVE-2008-5983)\n\nIt was discovered that the audioop module did not correctly perform\ninput validation. If a user or automated system were tricked into\nopening a crafted audio file, an attacker could cause a denial of\nservice via application crash. (CVE-2010-1634, CVE-2010-2089)\n\nGiampaolo Rodola discovered several race conditions in the smtpd\nmodule. A remote attacker could exploit this to cause a denial of\nservice via daemon outage. (CVE-2010-3493)\n\nIt was discovered that the CGIHTTPServer module did not properly\nperform input validation on certain HTTP GET requests. A remote\nattacker could potentially obtain access to CGI script source files.\n(CVE-2011-1015)\n\nNiels Heinen discovered that the urllib and urllib2 modules would\nprocess Location headers that specify a redirection to file: URLs. A\nremote attacker could exploit this to obtain sensitive information or\ncause a denial of service. (CVE-2011-1521)\n\nIt was discovered that SimpleHTTPServer did not use a charset\nparameter in the Content-Type HTTP header. An attacker could\npotentially exploit this to conduct cross-site scripting (XSS) attacks\nagainst Internet Explorer 7 users. (CVE-2011-4940)\n\nIt was discovered that Python distutils contained a race condition\nwhen creating the ~/.pypirc file. A local attacker could exploit this\nto obtain sensitive information. (CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate\nits input when handling HTTP POST requests. A remote attacker could\nexploit this to cause a denial of service via excessive CPU\nutilization. (CVE-2012-0845)\n\nIt was discovered that the Expat module in Python 2.5 computed hash\nvalues without restricting the ability to trigger hash collisions\npredictably. If a user or application using pyexpat were tricked into\nopening a crafted XML file, an attacker could cause a denial of\nservice by consuming excessive CPU resources. (CVE-2012-0876)\n\nTim Boddy discovered that the Expat module in Python 2.5 did not\nproperly handle memory reallocation when processing XML files. If a\nuser or application using pyexpat were tricked into opening a crafted\nXML file, an attacker could cause a denial of service by consuming\nexcessive memory resources. (CVE-2012-1148).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1613-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python2.5 and / or python2.5-minimal packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.5-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.5\", pkgver:\"2.5.2-2ubuntu6.2\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.5-minimal\", pkgver:\"2.5.2-2ubuntu6.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python2.5 / python2.5-minimal\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:18", "description": "USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4.\n\nIt was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. (CVE-2008-5983)\n\nIt was discovered that the audioop module did not correctly perform input validation. If a user or automated system were tricked into opening a crafted audio file, an attacker could cause a denial of service via application crash.\n(CVE-2010-1634, CVE-2010-2089)\n\nGiampaolo Rodola discovered several race conditions in the smtpd module. A remote attacker could exploit this to cause a denial of service via daemon outage. (CVE-2010-3493)\n\nIt was discovered that the CGIHTTPServer module did not properly perform input validation on certain HTTP GET requests. A remote attacker could potentially obtain access to CGI script source files. (CVE-2011-1015)\n\nNiels Heinen discovered that the urllib and urllib2 modules would process Location headers that specify a redirection to file: URLs. A remote attacker could exploit this to obtain sensitive information or cause a denial of service.\n(CVE-2011-1521)\n\nIt was discovered that SimpleHTTPServer did not use a charset parameter in the Content-Type HTTP header. An attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks against Internet Explorer 7 users. (CVE-2011-4940)\n\nIt was discovered that Python distutils contained a race condition when creating the ~/.pypirc file. A local attacker could exploit this to obtain sensitive information.\n(CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly validate its input when handling HTTP POST requests. A remote attacker could exploit this to cause a denial of service via excessive CPU utilization. (CVE-2012-0845)\n\nIt was discovered that the Expat module in Python 2.5 computed hash values without restricting the ability to trigger hash collisions predictably. If a user or application using pyexpat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive CPU resources.\n(CVE-2012-0876)\n\nTim Boddy discovered that the Expat module in Python 2.5 did not properly handle memory reallocation when processing XML files. If a user or application using pyexpat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive memory resources.\n(CVE-2012-1148).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-10-18T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS : python2.4 vulnerabilities (USN-1613-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5983", "CVE-2010-1634", "CVE-2010-2089", "CVE-2010-3493", "CVE-2011-1015", "CVE-2011-1521", "CVE-2011-4940", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-0876", "CVE-2012-1148"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python2.4", "p-cpe:/a:canonical:ubuntu_linux:python2.4-minimal", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-1613-2.NASL", "href": "https://www.tenable.com/plugins/nessus/62620", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1613-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62620);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2008-5983\", \"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3493\", \"CVE-2011-1015\", \"CVE-2011-1521\", \"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-0876\", \"CVE-2012-1148\");\n script_xref(name:\"USN\", value:\"1613-2\");\n\n script_name(english:\"Ubuntu 8.04 LTS : python2.4 vulnerabilities (USN-1613-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides\nthe corresponding updates for Python 2.4.\n\nIt was discovered that Python would prepend an empty string to\nsys.path under certain circumstances. A local attacker with write\naccess to the current working directory could exploit this to execute\narbitrary code. (CVE-2008-5983)\n\nIt was discovered that the audioop module did not correctly\nperform input validation. If a user or automated system were\ntricked into opening a crafted audio file, an attacker could\ncause a denial of service via application crash.\n(CVE-2010-1634, CVE-2010-2089)\n\nGiampaolo Rodola discovered several race conditions in the\nsmtpd module. A remote attacker could exploit this to cause\na denial of service via daemon outage. (CVE-2010-3493)\n\nIt was discovered that the CGIHTTPServer module did not\nproperly perform input validation on certain HTTP GET\nrequests. A remote attacker could potentially obtain access\nto CGI script source files. (CVE-2011-1015)\n\nNiels Heinen discovered that the urllib and urllib2 modules\nwould process Location headers that specify a redirection to\nfile: URLs. A remote attacker could exploit this to obtain\nsensitive information or cause a denial of service.\n(CVE-2011-1521)\n\nIt was discovered that SimpleHTTPServer did not use a\ncharset parameter in the Content-Type HTTP header. An\nattacker could potentially exploit this to conduct\ncross-site scripting (XSS) attacks against Internet Explorer\n7 users. (CVE-2011-4940)\n\nIt was discovered that Python distutils contained a race\ncondition when creating the ~/.pypirc file. A local attacker\ncould exploit this to obtain sensitive information.\n(CVE-2011-4944)\n\nIt was discovered that SimpleXMLRPCServer did not properly\nvalidate its input when handling HTTP POST requests. A\nremote attacker could exploit this to cause a denial of\nservice via excessive CPU utilization. (CVE-2012-0845)\n\nIt was discovered that the Expat module in Python 2.5\ncomputed hash values without restricting the ability to\ntrigger hash collisions predictably. If a user or\napplication using pyexpat were tricked into opening a\ncrafted XML file, an attacker could cause a denial of\nservice by consuming excessive CPU resources.\n(CVE-2012-0876)\n\nTim Boddy discovered that the Expat module in Python 2.5 did\nnot properly handle memory reallocation when processing XML\nfiles. If a user or application using pyexpat were tricked\ninto opening a crafted XML file, an attacker could cause a\ndenial of service by consuming excessive memory resources.\n(CVE-2012-1148).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1613-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python2.4 and / or python2.4-minimal packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.4-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/10/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.4\", pkgver:\"2.4.5-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"python2.4-minimal\", pkgver:\"2.4.5-1ubuntu4.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python2.4 / python2.4-minimal\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:25:52", "description": "From Red Hat Security Advisory 2012:0745 :\n\nUpdated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming language.\n\nA denial of service flaw was found in the implementation of associative arrays (dictionaries) in Python. An attacker able to supply a large number of inputs to a Python application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break applications that incorrectly depend on dictionary ordering. To enable the protection, the new 'PYTHONHASHSEED' environment variable or the Python interpreter's '-R' command line option can be used. Refer to the python(1) manual page for details.\n\nThe RHSA-2012:0731 expat erratum must be installed with this update, which adds hash randomization to the Expat library used by the Python pyexpat module.\n\nA flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially crafted name to a server could possibly perform a cross-site scripting (XSS) attack against victims visiting a listing page generated by SimpleHTTPServer, for a directory containing the crafted file (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user's .pypirc file, which can contain usernames and passwords for code repositories. (CVE-2011-4944)\n\nRed Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters of CVE-2012-1150.\n\nAll Python users should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : python (ELSA-2012-0745)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4940", "CVE-2011-4944", "CVE-2012-1150"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:python", "p-cpe:/a:oracle:linux:python-devel", "p-cpe:/a:oracle:linux:python-libs", "p-cpe:/a:oracle:linux:python-tools", "p-cpe:/a:oracle:linux:tkinter", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2012-0745.NASL", "href": "https://www.tenable.com/plugins/nessus/68546", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0745 and \n# Oracle Linux Security Advisory ELSA-2012-0745 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68546);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-1150\");\n script_bugtraq_id(51239, 52379, 52732);\n script_xref(name:\"RHSA\", value:\"2012:0745\");\n\n script_name(english:\"Oracle Linux 5 : python (ELSA-2012-0745)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:0745 :\n\nUpdated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nA denial of service flaw was found in the implementation of\nassociative arrays (dictionaries) in Python. An attacker able to\nsupply a large number of inputs to a Python application (such as HTTP\nPOST request parameters sent to a web application) that are used as\nkeys when inserting data into an array could trigger multiple hash\nfunction collisions, making array operations take an excessive amount\nof CPU time. To mitigate this issue, randomization has been added to\nthe hash function to reduce the chance of an attacker successfully\ncausing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break\napplications that incorrectly depend on dictionary ordering. To enable\nthe protection, the new 'PYTHONHASHSEED' environment variable or the\nPython interpreter's '-R' command line option can be used. Refer to\nthe python(1) manual page for details.\n\nThe RHSA-2012:0731 expat erratum must be installed with this update,\nwhich adds hash randomization to the Expat library used by the Python\npyexpat module.\n\nA flaw was found in the way the Python SimpleHTTPServer module\ngenerated directory listings. An attacker able to upload a file with a\nspecially crafted name to a server could possibly perform a cross-site\nscripting (XSS) attack against victims visiting a listing page\ngenerated by SimpleHTTPServer, for a directory containing the crafted\nfile (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories. (CVE-2011-4944)\n\nRed Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT\nacknowledges Julian Walde and Alexander Klink as the original\nreporters of CVE-2012-1150.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-June/002867.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"python-2.4.3-46.el5_8.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"python-devel-2.4.3-46.el5_8.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"python-libs-2.4.3-46.el5_8.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"python-tools-2.4.3-46.el5_8.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"tkinter-2.4.3-46.el5_8.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-devel / python-libs / python-tools / tkinter\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:54", "description": "The following issues have been fixed :\n\n - a race condition in the accept() implementation of smtpd.py could lead to a denial of service.\n (CVE-2010-3493)\n\n - integer overflows and insufficient size checks could crash the audioop module. (CVE-2010-2089 / CVE-2010-1634)", "cvss3": {}, "published": "2011-01-21T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : Python (SAT Patch Number 3493)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1634", "CVE-2010-2089", "CVE-2010-3493"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0", "p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0-32bit", "p-cpe:/a:novell:suse_linux:11:python", "p-cpe:/a:novell:suse_linux:11:python-32bit", "p-cpe:/a:novell:suse_linux:11:python-base", "p-cpe:/a:novell:suse_linux:11:python-base-32bit", "p-cpe:/a:novell:suse_linux:11:python-curses", "p-cpe:/a:novell:suse_linux:11:python-demo", "p-cpe:/a:novell:suse_linux:11:python-devel", "p-cpe:/a:novell:suse_linux:11:python-gdbm", "p-cpe:/a:novell:suse_linux:11:python-idle", "p-cpe:/a:novell:suse_linux:11:python-tk", "p-cpe:/a:novell:suse_linux:11:python-xml", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_LIBPYTHON2_6-1_0-101109.NASL", "href": "https://www.tenable.com/plugins/nessus/51623", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51623);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3493\");\n\n script_name(english:\"SuSE 11.1 Security Update : Python (SAT Patch Number 3493)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following issues have been fixed :\n\n - a race condition in the accept() implementation of\n smtpd.py could lead to a denial of service.\n (CVE-2010-3493)\n\n - integer overflows and insufficient size checks could\n crash the audioop module. (CVE-2010-2089 /\n CVE-2010-1634)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=609759\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=609761\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=638233\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1634.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2089.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3493.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 3493.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-base-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-curses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-gdbm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"libpython2_6-1_0-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"python-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"python-base-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"python-curses-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"python-devel-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"python-tk-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"python-xml-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libpython2_6-1_0-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libpython2_6-1_0-32bit-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"python-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"python-base-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"python-base-32bit-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"python-curses-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"python-devel-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"python-tk-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"python-xml-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"libpython2_6-1_0-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"python-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"python-base-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"python-curses-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"python-demo-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"python-gdbm-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"python-idle-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"python-tk-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"python-xml-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"libpython2_6-1_0-32bit-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"python-32bit-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"python-base-32bit-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"libpython2_6-1_0-32bit-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"python-32bit-2.6.0-8.10.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"python-base-32bit-2.6.0-8.10.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:54:43", "description": "The following issues have been fixed :\n\n - a race condition in the accept() implementation of smtpd.py could lead to a denial of service.\n (CVE-2010-3493)\n\n - integer overflows and insufficient size checks could crash the audioop module. (CVE-2010-2089 / CVE-2010-1634)", "cvss3": {}, "published": "2010-12-12T00:00:00", "type": "nessus", "title": "SuSE 11 Security Update : Python (SAT Patch Number 3491)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1634", "CVE-2010-2089", "CVE-2010-3493"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0", "p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0-32bit", "p-cpe:/a:novell:suse_linux:11:python", "p-cpe:/a:novell:suse_linux:11:python-32bit", "p-cpe:/a:novell:suse_linux:11:python-base", "p-cpe:/a:novell:suse_linux:11:python-base-32bit", "p-cpe:/a:novell:suse_linux:11:python-curses", "p-cpe:/a:novell:suse_linux:11:python-demo", "p-cpe:/a:novell:suse_linux:11:python-devel", "p-cpe:/a:novell:suse_linux:11:python-gdbm", "p-cpe:/a:novell:suse_linux:11:python-idle", "p-cpe:/a:novell:suse_linux:11:python-tk", "p-cpe:/a:novell:suse_linux:11:python-xml", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_LIBPYTHON2_6-1_0-101028.NASL", "href": "https://www.tenable.com/plugins/nessus/51134", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51134);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3493\");\n\n script_name(english:\"SuSE 11 Security Update : Python (SAT Patch Number 3491)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The following issues have been fixed :\n\n - a race condition in the accept() implementation of\n smtpd.py could lead to a denial of service.\n (CVE-2010-3493)\n\n - integer overflows and insufficient size checks could\n crash the audioop module. (CVE-2010-2089 /\n CVE-2010-1634)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=609759\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=609761\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=638233\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1634.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2089.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3493.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 3491.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libpython2_6-1_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-base-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-curses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-gdbm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:python-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/12/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (pl) audit(AUDIT_OS_NOT, \"SuSE 11.0\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"libpython2_6-1_0-2.6.0-8.8.6.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"python-2.6.0-8.9.6.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"python-base-2.6.0-8.8.6.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"python-curses-2.6.0-8.9.6.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"python-devel-2.6.0-8.8.6.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"i586\", reference:\"python-xml-2.6.0-8.8.6.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libpython2_6-1_0-2.6.0-8.8.6.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"libpython2_6-1_0-32bit-2.6.0-8.8.6.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"python-2.6.0-8.9.6.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"python-base-2.6.0-8.8.6.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"python-base-32bit-2.6.0-8.8.6.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"python-curses-2.6.0-8.9.6.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"python-devel-2.6.0-8.8.6.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:0, cpu:\"x86_64\", reference:\"python-xml-2.6.0-8.8.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"libpython2_6-1_0-2.6.0-8.8.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"python-2.6.0-8.9.6.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"python-base-2.6.0-8.8.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"python-curses-2.6.0-8.9.6.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"python-demo-2.6.0-8.9.6.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"python-gdbm-2.6.0-8.9.6.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"python-idle-2.6.0-8.9.6.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"python-tk-2.6.0-8.9.6.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, reference:\"python-xml-2.6.0-8.8.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"libpython2_6-1_0-32bit-2.6.0-8.8.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"python-32bit-2.6.0-8.9.6.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"s390x\", reference:\"python-base-32bit-2.6.0-8.8.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"libpython2_6-1_0-32bit-2.6.0-8.8.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"python-32bit-2.6.0-8.9.6.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:0, cpu:\"x86_64\", reference:\"python-base-32bit-2.6.0-8.8.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:42", "description": "Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming language.\n\nA denial of service flaw was found in the implementation of associative arrays (dictionaries) in Python. An attacker able to supply a large number of inputs to a Python application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break applications that incorrectly depend on dictionary ordering. To enable the protection, the new 'PYTHONHASHSEED' environment variable or the Python interpreter's '-R' command line option can be used. Refer to the python(1) manual page for details.\n\nThe RHSA-2012:0731 expat erratum must be installed with this update, which adds hash randomization to the Expat library used by the Python pyexpat module.\n\nA flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially crafted name to a server could possibly perform a cross-site scripting (XSS) attack against victims visiting a listing page generated by SimpleHTTPServer, for a directory containing the crafted file (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user's .pypirc file, which can contain usernames and passwords for code repositories. (CVE-2011-4944)\n\nRed Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters of CVE-2012-1150.\n\nAll Python users should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2012-06-19T00:00:00", "type": "nessus", "title": "RHEL 5 : python (RHSA-2012:0745)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4940", "CVE-2011-4944", "CVE-2012-1150"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python", "p-cpe:/a:redhat:enterprise_linux:python-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-devel", "p-cpe:/a:redhat:enterprise_linux:python-libs", "p-cpe:/a:redhat:enterprise_linux:python-tools", "p-cpe:/a:redhat:enterprise_linux:tkinter", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2012-0745.NASL", "href": "https://www.tenable.com/plugins/nessus/59564", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0745. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59564);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-1150\");\n script_bugtraq_id(51239, 52732);\n script_xref(name:\"RHSA\", value:\"2012:0745\");\n\n script_name(english:\"RHEL 5 : python (RHSA-2012:0745)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nA denial of service flaw was found in the implementation of\nassociative arrays (dictionaries) in Python. An attacker able to\nsupply a large number of inputs to a Python application (such as HTTP\nPOST request parameters sent to a web application) that are used as\nkeys when inserting data into an array could trigger multiple hash\nfunction collisions, making array operations take an excessive amount\nof CPU time. To mitigate this issue, randomization has been added to\nthe hash function to reduce the chance of an attacker successfully\ncausing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break\napplications that incorrectly depend on dictionary ordering. To enable\nthe protection, the new 'PYTHONHASHSEED' environment variable or the\nPython interpreter's '-R' command line option can be used. Refer to\nthe python(1) manual page for details.\n\nThe RHSA-2012:0731 expat erratum must be installed with this update,\nwhich adds hash randomization to the Expat library used by the Python\npyexpat module.\n\nA flaw was found in the way the Python SimpleHTTPServer module\ngenerated directory listings. An attacker able to upload a file with a\nspecially crafted name to a server could possibly perform a cross-site\nscripting (XSS) attack against victims visiting a listing page\ngenerated by SimpleHTTPServer, for a directory containing the crafted\nfile (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories. (CVE-2011-4944)\n\nRed Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT\nacknowledges Julian Walde and Alexander Klink as the original\nreporters of CVE-2012-1150.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.ocert.org/advisories/ocert-2011-003.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://rhn.redhat.com/errata/RHSA-2012-0731.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0745\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1150\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4944\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4940\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0745\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"python-2.4.3-46.el5_8.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"python-2.4.3-46.el5_8.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"python-2.4.3-46.el5_8.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"python-debuginfo-2.4.3-46.el5_8.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"python-devel-2.4.3-46.el5_8.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"python-libs-2.4.3-46.el5_8.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"python-libs-2.4.3-46.el5_8.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"python-libs-2.4.3-46.el5_8.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"python-tools-2.4.3-46.el5_8.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"python-tools-2.4.3-46.el5_8.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"python-tools-2.4.3-46.el5_8.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tkinter-2.4.3-46.el5_8.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tkinter-2.4.3-46.el5_8.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tkinter-2.4.3-46.el5_8.2\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-debuginfo / python-devel / python-libs / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:16", "description": "Python is an interpreted, interactive, object-oriented programming language.\n\nA denial of service flaw was found in the implementation of associative arrays (dictionaries) in Python. An attacker able to supply a large number of inputs to a Python application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break applications that incorrectly depend on dictionary ordering. To enable the protection, the new 'PYTHONHASHSEED' environment variable or the Python interpreter's '-R' command line option can be used. Refer to the python(1) manual page for details.\n\nThe previous expat erratum must be installed with this update, which adds hash randomization to the Expat library used by the Python pyexpat module.\n\nA flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially crafted name to a server could possibly perform a cross-site scripting (XSS) attack against victims visiting a listing page generated by SimpleHTTPServer, for a directory containing the crafted file (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user's .pypirc file, which can contain usernames and passwords for code repositories. (CVE-2011-4944)\n\nAll Python users should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : python on SL5.x i386/x86_64 (20120618)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4940", "CVE-2011-4944", "CVE-2012-1150"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:python", "p-cpe:/a:fermilab:scientific_linux:python-debuginfo", "p-cpe:/a:fermilab:scientific_linux:python-devel", "p-cpe:/a:fermilab:scientific_linux:python-libs", "p-cpe:/a:fermilab:scientific_linux:python-tools", "p-cpe:/a:fermilab:scientific_linux:tkinter", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120618_PYTHON_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61332", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61332);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-1150\");\n\n script_name(english:\"Scientific Linux Security Update : python on SL5.x i386/x86_64 (20120618)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Python is an interpreted, interactive, object-oriented programming\nlanguage.\n\nA denial of service flaw was found in the implementation of\nassociative arrays (dictionaries) in Python. An attacker able to\nsupply a large number of inputs to a Python application (such as HTTP\nPOST request parameters sent to a web application) that are used as\nkeys when inserting data into an array could trigger multiple hash\nfunction collisions, making array operations take an excessive amount\nof CPU time. To mitigate this issue, randomization has been added to\nthe hash function to reduce the chance of an attacker successfully\ncausing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break\napplications that incorrectly depend on dictionary ordering. To enable\nthe protection, the new 'PYTHONHASHSEED' environment variable or the\nPython interpreter's '-R' command line option can be used. Refer to\nthe python(1) manual page for details.\n\nThe previous expat erratum must be installed with this update, which\nadds hash randomization to the Expat library used by the Python\npyexpat module.\n\nA flaw was found in the way the Python SimpleHTTPServer module\ngenerated directory listings. An attacker able to upload a file with a\nspecially crafted name to a server could possibly perform a cross-site\nscripting (XSS) attack against victims visiting a listing page\ngenerated by SimpleHTTPServer, for a directory containing the crafted\nfile (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories. (CVE-2011-4944)\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1206&L=scientific-linux-errata&T=0&P=1963\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5f8268e6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"python-2.4.3-46.el5_8.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"python-debuginfo-2.4.3-46.el5_8.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"python-devel-2.4.3-46.el5_8.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"python-libs-2.4.3-46.el5_8.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"python-tools-2.4.3-46.el5_8.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tkinter-2.4.3-46.el5_8.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-debuginfo / python-devel / python-libs / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:22", "description": "Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming language.\n\nA denial of service flaw was found in the implementation of associative arrays (dictionaries) in Python. An attacker able to supply a large number of inputs to a Python application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break applications that incorrectly depend on dictionary ordering. To enable the protection, the new 'PYTHONHASHSEED' environment variable or the Python interpreter's '-R' command line option can be used. Refer to the python(1) manual page for details.\n\nThe RHSA-2012:0731 expat erratum must be installed with this update, which adds hash randomization to the Expat library used by the Python pyexpat module.\n\nA flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially crafted name to a server could possibly perform a cross-site scripting (XSS) attack against victims visiting a listing page generated by SimpleHTTPServer, for a directory containing the crafted file (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user's .pypirc file, which can contain usernames and passwords for code repositories. (CVE-2011-4944)\n\nRed Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT acknowledges Julian Walde and Alexander Klink as the original reporters of CVE-2012-1150.\n\nAll Python users should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2012-06-19T00:00:00", "type": "nessus", "title": "CentOS 5 : python (CESA-2012:0745)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4940", "CVE-2011-4944", "CVE-2012-1150"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:python", "p-cpe:/a:centos:centos:python-devel", "p-cpe:/a:centos:centos:python-libs", "p-cpe:/a:centos:centos:python-tools", "p-cpe:/a:centos:centos:tkinter", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-0745.NASL", "href": "https://www.tenable.com/plugins/nessus/59560", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0745 and \n# CentOS Errata and Security Advisory 2012:0745 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59560);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-1150\");\n script_bugtraq_id(51239, 52732);\n script_xref(name:\"RHSA\", value:\"2012:0745\");\n\n script_name(english:\"CentOS 5 : python (CESA-2012:0745)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nA denial of service flaw was found in the implementation of\nassociative arrays (dictionaries) in Python. An attacker able to\nsupply a large number of inputs to a Python application (such as HTTP\nPOST request parameters sent to a web application) that are used as\nkeys when inserting data into an array could trigger multiple hash\nfunction collisions, making array operations take an excessive amount\nof CPU time. To mitigate this issue, randomization has been added to\nthe hash function to reduce the chance of an attacker successfully\ncausing intentional collisions. (CVE-2012-1150)\n\nNote: The hash randomization is not enabled by default as it may break\napplications that incorrectly depend on dictionary ordering. To enable\nthe protection, the new 'PYTHONHASHSEED' environment variable or the\nPython interpreter's '-R' command line option can be used. Refer to\nthe python(1) manual page for details.\n\nThe RHSA-2012:0731 expat erratum must be installed with this update,\nwhich adds hash randomization to the Expat library used by the Python\npyexpat module.\n\nA flaw was found in the way the Python SimpleHTTPServer module\ngenerated directory listings. An attacker able to upload a file with a\nspecially crafted name to a server could possibly perform a cross-site\nscripting (XSS) attack against victims visiting a listing page\ngenerated by SimpleHTTPServer, for a directory containing the crafted\nfile (if the victims were using certain web browsers). (CVE-2011-4940)\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories. (CVE-2011-4944)\n\nRed Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT\nacknowledges Julian Walde and Alexander Klink as the original\nreporters of CVE-2012-1150.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-June/018692.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?29953908\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-1150\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"python-2.4.3-46.el5_8.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"python-devel-2.4.3-46.el5_8.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"python-libs-2.4.3-46.el5_8.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"python-tools-2.4.3-46.el5_8.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"tkinter-2.4.3-46.el5_8.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-devel / python-libs / python-tools / tkinter\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T15:49:43", "description": "Multiple vulnerabilities has been found and corrected in python :\n\nMultiple integer overflows in audioop.c in the audioop module in Ptthon allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5 (CVE-2010-1634).\n\nThe audioop module in Python does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634 (CVE-2010-2089).\n\nPackages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&products_id=4 90\n\nThe updated packages have been patched to correct these issues.", "cvss3": {}, "published": "2010-07-30T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : python (MDVSA-2010:132)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3143", "CVE-2010-1634", "CVE-2010-2089"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64python2.5", "p-cpe:/a:mandriva:linux:lib64python2.5-devel", "p-cpe:/a:mandriva:linux:lib64python2.6", "p-cpe:/a:mandriva:linux:lib64python2.6-devel", "p-cpe:/a:mandriva:linux:libpython2.5", "p-cpe:/a:mandriva:linux:libpython2.5-devel", "p-cpe:/a:mandriva:linux:libpython2.6", "p-cpe:/a:mandriva:linux:libpython2.6-devel", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:python-base", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:tkinter-apps", "cpe:/o:mandriva:linux:2008.0", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2009.1", "cpe:/o:mandriva:linux:2010.0", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2010-132.NASL", "href": "https://www.tenable.com/plugins/nessus/48191", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2010:132. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48191);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-1634\", \"CVE-2010-2089\");\n script_bugtraq_id(40370, 40863);\n script_xref(name:\"MDVSA\", value:\"2010:132\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2010:132)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in python :\n\nMultiple integer overflows in audioop.c in the audioop module in\nPtthon allow context-dependent attackers to cause a denial of service\n(application crash) via a large fragment, as demonstrated by a call to\naudioop.lin2lin with a long string in the first argument, leading to a\nbuffer overflow. NOTE: this vulnerability exists because of an\nincorrect fix for CVE-2008-3143.5 (CVE-2010-1634).\n\nThe audioop module in Python does not verify the relationships between\nsize arguments and byte string lengths, which allows context-dependent\nattackers to cause a denial of service (memory corruption and\napplication crash) via crafted arguments, as demonstrated by a call to\naudioop.reverse with a one-byte string, a different vulnerability than\nCVE-2010-1634 (CVE-2010-2089).\n\nPackages for 2008.0 and 2009.0 are provided as of the Extended\nMaintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149&products_id=4\n90\n\nThe updated packages have been patched to correct these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.6-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython2.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython2.5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython2.6-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64python2.5-2.5.2-2.7mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"x86_64\", reference:\"lib64python2.5-devel-2.5.2-2.7mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libpython2.5-2.5.2-2.7mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", cpu:\"i386\", reference:\"libpython2.5-devel-2.5.2-2.7mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"python-2.5.2-2.7mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"python-base-2.5.2-2.7mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"python-docs-2.5.2-2.7mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tkinter-2.5.2-2.7mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"tkinter-apps-2.5.2-2.7mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64python2.5-2.5.2-5.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64python2.5-devel-2.5.2-5.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libpython2.5-2.5.2-5.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libpython2.5-devel-2.5.2-5.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"python-2.5.2-5.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"python-base-2.5.2-5.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"python-docs-2.5.2-5.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tkinter-2.5.2-5.6mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"tkinter-apps-2.5.2-5.6mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64python2.6-2.6.1-6.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64python2.6-devel-2.6.1-6.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libpython2.6-2.6.1-6.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libpython2.6-devel-2.6.1-6.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"python-2.6.1-6.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"python-docs-2.6.1-6.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tkinter-2.6.1-6.4mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"tkinter-apps-2.6.1-6.4mdv2009.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64python2.6-2.6.4-1.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"x86_64\", reference:\"lib64python2.6-devel-2.6.4-1.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libpython2.6-2.6.4-1.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", cpu:\"i386\", reference:\"libpython2.6-devel-2.6.4-1.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"python-2.6.4-1.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"python-docs-2.6.4-1.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"tkinter-2.6.4-1.3mdv2010.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.0\", reference:\"tkinter-apps-2.6.4-1.3mdv2010.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64python2.6-2.6.5-2.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64python2.6-devel-2.6.5-2.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libpython2.6-2.6.5-2.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libpython2.6-devel-2.6.5-2.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"python-2.6.5-2.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"python-docs-2.6.5-2.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"tkinter-2.6.5-2.1mdv2010.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"tkinter-apps-2.6.5-2.1mdv2010.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:06", "description": "Multiple vulnerabilities has been discovered and corrected in python :\n\nThe _ssl module would always disable the CBC IV attack countermeasure (CVE-2011-3389).\n\nA flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially crafted name to a server could possibly perform a cross-site scripting (XSS) attack against victims visiting a listing page generated by SimpleHTTPServer, for a directory containing the crafted file (if the victims were using certain web browsers) (CVE-2011-4940).\n\nA race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user's .pypirc file, which can contain usernames and passwords for code repositories (CVE-2011-4944).\n\nA flaw was found in the way the Python SimpleXMLRPCServer module handled clients disconnecting prematurely. A remote attacker could use this flaw to cause excessive CPU consumption on a server using SimpleXMLRPCServer (CVE-2012-0845).\n\nHash table collisions CPU usage DoS for the embedded copy of expat (CVE-2012-0876).\n\nA denial of service flaw was found in the implementation of associative arrays (dictionaries) in Python. An attacker able to supply a large number of inputs to a Python application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions (CVE-2012-1150).\n\nThe updated packages have been patched to correct these issues.", "cvss3": {}, "published": "2012-06-21T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : python (MDVSA-2012:096)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2011-4940", "CVE-2011-4944", "CVE-2012-0845", "CVE-2012-0876", "CVE-2012-1150"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64python2.6", "p-cpe:/a:mandriva:linux:lib64python2.6-devel", "p-cpe:/a:mandriva:linux:libpython2.6", "p-cpe:/a:mandriva:linux:libpython2.6-devel", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:tkinter-apps", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2012-096.NASL", "href": "https://www.tenable.com/plugins/nessus/59635", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:096. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59635);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2011-3389\",\n \"CVE-2011-4940\",\n \"CVE-2011-4944\",\n \"CVE-2012-0845\",\n \"CVE-2012-0876\",\n \"CVE-2012-1150\"\n );\n script_bugtraq_id(\n 49778,\n 51239,\n 51996,\n 52379,\n 52732,\n 54083\n );\n script_xref(name:\"MDVSA\", value:\"2012:096\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2012:096)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Multiple vulnerabilities has been discovered and corrected in python :\n\nThe _ssl module would always disable the CBC IV attack countermeasure\n(CVE-2011-3389).\n\nA flaw was found in the way the Python SimpleHTTPServer module\ngenerated directory listings. An attacker able to upload a file with a\nspecially crafted name to a server could possibly perform a cross-site\nscripting (XSS) attack against victims visiting a listing page\ngenerated by SimpleHTTPServer, for a directory containing the crafted\nfile (if the victims were using certain web browsers) (CVE-2011-4940).\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories (CVE-2011-4944).\n\nA flaw was found in the way the Python SimpleXMLRPCServer module\nhandled clients disconnecting prematurely. A remote attacker could use\nthis flaw to cause excessive CPU consumption on a server using\nSimpleXMLRPCServer (CVE-2012-0845).\n\nHash table collisions CPU usage DoS for the embedded copy of expat\n(CVE-2012-0876).\n\nA denial of service flaw was found in the implementation of\nassociative arrays (dictionaries) in Python. An attacker able to\nsupply a large number of inputs to a Python application (such as HTTP\nPOST request parameters sent to a web application) that are used as\nkeys when inserting data into an array could trigger multiple hash\nfunction collisions, making array operations take an excessive amount\nof CPU time. To mitigate this issue, randomization has been added to\nthe hash function to reduce the chance of an attacker successfully\ncausing intentional collisions (CVE-2012-1150).\n\nThe updated packages have been patched to correct these issues.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.6-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpython2.6-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64python2.6-2.6.5-2.5mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64python2.6-devel-2.6.5-2.5mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libpython2.6-2.6.5-2.5mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libpython2.6-devel-2.6.5-2.5mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"python-2.6.5-2.5mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"python-docs-2.6.5-2.5mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"tkinter-2.6.5-2.5mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"tkinter-apps-2.6.5-2.5mdv2010.2\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:41", "description": "It was found that many applications embedding the Python interpreter did not specify a valid full path to the script or application when calling the PySys_SetArgv API function, which could result in the addition of the current working directory to the module search path (sys.path). A local attacker able to trick a victim into running such an application in an attacker-controlled directory could use this flaw to execute code with the victim's privileges. This update adds the PySys_SetArgvEx API. Developers can modify their applications to use this new API, which sets sys.argv without modifying sys.path.\n(CVE-2008-5983)\n\nMultiple flaws were found in the Python rgbimg module. If an application written in Python was using the rgbimg module and loaded a specially crafted SGI image file, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2009-4134, CVE-2010-1449, CVE-2010-1450)\n\nMultiple flaws were found in the Python audioop module. Supplying certain inputs could cause the audioop module to crash or, possibly, execute arbitrary code. (CVE-2010-1634, CVE-2010-2089)\n\nThis update also fixes the following bugs :\n\n - When starting a child process from the subprocess module in Python 2.4, the parent process could leak file descriptors if an error occurred. This update resolves the issue. (BZ#609017)\n\n - Prior to Python 2.7, programs that used 'ulimit -n' to enable communication with large numbers of subprocesses could still monitor only 1024 file descriptors at a time, which caused an exception :\n\n ValueError: filedescriptor out of range in select()\n\nThis was due to the subprocess module using the 'select' system call.\nThe module now uses the 'poll' system call, removing this limitation.\n(BZ#609020)\n\n - Prior to Python 2.5, the tarfile module failed to unpack tar files if the path was longer than 100 characters.\n This update backports the tarfile module from Python 2.5 and the issue no longer occurs. (BZ#263401)\n\n - The email module incorrectly implemented the logic for obtaining attachment file names: the get_filename() fallback for using the deprecated 'name' parameter of the 'Content-Type' header erroneously used the 'Content-Disposition' header. This update backports a fix from Python 2.6, which resolves this issue.\n (BZ#644147)\n\n - Prior to version 2.5, Python's optimized memory allocator never released memory back to the system. The memory usage of a long-running Python process would resemble a 'high-water mark'. This update backports a fix from Python 2.5a1, which frees unused arenas, and adds a non-standard sys._debugmallocstats() function, which prints diagnostic information to stderr. Finally, when running under Valgrind, the optimized allocator is deactivated, to allow more convenient debugging of Python memory usage issues. (BZ#569093)\n\n - The urllib and urllib2 modules ignored the no_proxy variable, which could lead to programs such as 'yum' erroneously accessing a proxy server for URLs covered by a 'no_proxy' exclusion. This update backports fixes of urllib and urllib2, which respect the 'no_proxy' variable, which fixes these issues. (BZ#549372)\n\nAs well, this update adds the following enhancements :\n\n - This update introduces a new python-libs package, subsuming the majority of the content of the core python package. This makes both 32-bit and 64-bit Python libraries available on PowerPC systems. (BZ#625372)\n\n - The python-libs.i386 package is now available for 64-bit Itanium with the 32-bit Itanium compatibility mode.\n (BZ#644761)", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : python on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5983", "CVE-2009-4134", "CVE-2010-1449", "CVE-2010-1450", "CVE-2010-1634", "CVE-2010-2089"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110113_PYTHON_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60935", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60935);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-5983\", \"CVE-2009-4134\", \"CVE-2010-1449\", \"CVE-2010-1450\", \"CVE-2010-1634\", \"CVE-2010-2089\");\n\n script_name(english:\"Scientific Linux Security Update : python on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was found that many applications embedding the Python interpreter\ndid not specify a valid full path to the script or application when\ncalling the PySys_SetArgv API function, which could result in the\naddition of the current working directory to the module search path\n(sys.path). A local attacker able to trick a victim into running such\nan application in an attacker-controlled directory could use this flaw\nto execute code with the victim's privileges. This update adds the\nPySys_SetArgvEx API. Developers can modify their applications to use\nthis new API, which sets sys.argv without modifying sys.path.\n(CVE-2008-5983)\n\nMultiple flaws were found in the Python rgbimg module. If an\napplication written in Python was using the rgbimg module and loaded a\nspecially crafted SGI image file, it could cause the application to\ncrash or, possibly, execute arbitrary code with the privileges of the\nuser running the application. (CVE-2009-4134, CVE-2010-1449,\nCVE-2010-1450)\n\nMultiple flaws were found in the Python audioop module. Supplying\ncertain inputs could cause the audioop module to crash or, possibly,\nexecute arbitrary code. (CVE-2010-1634, CVE-2010-2089)\n\nThis update also fixes the following bugs :\n\n - When starting a child process from the subprocess module\n in Python 2.4, the parent process could leak file\n descriptors if an error occurred. This update resolves\n the issue. (BZ#609017)\n\n - Prior to Python 2.7, programs that used 'ulimit -n' to\n enable communication with large numbers of subprocesses\n could still monitor only 1024 file descriptors at a\n time, which caused an exception :\n\n ValueError: filedescriptor out of range in select()\n\nThis was due to the subprocess module using the 'select' system call.\nThe module now uses the 'poll' system call, removing this limitation.\n(BZ#609020)\n\n - Prior to Python 2.5, the tarfile module failed to unpack\n tar files if the path was longer than 100 characters.\n This update backports the tarfile module from Python 2.5\n and the issue no longer occurs. (BZ#263401)\n\n - The email module incorrectly implemented the logic for\n obtaining attachment file names: the get_filename()\n fallback for using the deprecated 'name' parameter of\n the 'Content-Type' header erroneously used the\n 'Content-Disposition' header. This update backports a\n fix from Python 2.6, which resolves this issue.\n (BZ#644147)\n\n - Prior to version 2.5, Python's optimized memory\n allocator never released memory back to the system. The\n memory usage of a long-running Python process would\n resemble a 'high-water mark'. This update backports a\n fix from Python 2.5a1, which frees unused arenas, and\n adds a non-standard sys._debugmallocstats() function,\n which prints diagnostic information to stderr. Finally,\n when running under Valgrind, the optimized allocator is\n deactivated, to allow more convenient debugging of\n Python memory usage issues. (BZ#569093)\n\n - The urllib and urllib2 modules ignored the no_proxy\n variable, which could lead to programs such as 'yum'\n erroneously accessing a proxy server for URLs covered by\n a 'no_proxy' exclusion. This update backports fixes of\n urllib and urllib2, which respect the 'no_proxy'\n variable, which fixes these issues. (BZ#549372)\n\nAs well, this update adds the following enhancements :\n\n - This update introduces a new python-libs package,\n subsuming the majority of the content of the core python\n package. This makes both 32-bit and 64-bit Python\n libraries available on PowerPC systems. (BZ#625372)\n\n - The python-libs.i386 package is now available for 64-bit\n Itanium with the 32-bit Itanium compatibility mode.\n (BZ#644761)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=263401\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=549372\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=569093\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=609017\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=609020\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=625372\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=644147\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=644761\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1102&L=scientific-linux-errata&T=0&P=1728\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?09c6df78\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"python-2.4.3-43.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"python-devel-2.4.3-43.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"python-libs-2.4.3-43.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"python-tools-2.4.3-43.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tkinter-2.4.3-43.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:04", "description": "- a race condition in the accept() implementation of smtpd.py could lead to a denial of service (CVE-2010-3493).\n\n - integer overflows and insufficient size checks could crash the audioop module (CVE-2010-2089, CVE-2010-1634).", "cvss3": {}, "published": "2011-05-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libpython2_6-1_0 (openSUSE-SU-2010:1049-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1634", "CVE-2010-2089", "CVE-2010-3493"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpython2_6-1_0", "p-cpe:/a:novell:opensuse:libpython2_6-1_0-32bit", "p-cpe:/a:novell:opensuse:python", "p-cpe:/a:novell:opensuse:python-32bit", "p-cpe:/a:novell:opensuse:python-base", "p-cpe:/a:novell:opensuse:python-base-32bit", "p-cpe:/a:novell:opensuse:python-curses", "p-cpe:/a:novell:opensuse:python-demo", "p-cpe:/a:novell:opensuse:python-devel", "p-cpe:/a:novell:opensuse:python-gdbm", "p-cpe:/a:novell:opensuse:python-idle", "p-cpe:/a:novell:opensuse:python-tk", "p-cpe:/a:novell:opensuse:python-xml", "cpe:/o:novell:opensuse:11.2"], "id": "SUSE_11_2_LIBPYTHON2_6-1_0-101028.NASL", "href": "https://www.tenable.com/plugins/nessus/53756", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libpython2_6-1_0-3487.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53756);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3493\");\n\n script_name(english:\"openSUSE Security Update : libpython2_6-1_0 (openSUSE-SU-2010:1049-1)\");\n script_summary(english:\"Check for the libpython2_6-1_0-3487 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - a race condition in the accept() implementation of\n smtpd.py could lead to a denial of service\n (CVE-2010-3493).\n\n - integer overflows and insufficient size checks could\n crash the audioop module (CVE-2010-2089, CVE-2010-1634).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=609759\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=609761\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=638233\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2010-12/msg00027.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpython2_6-1_0 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython2_6-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython2_6-1_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-base-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-curses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-gdbm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.2\", reference:\"libpython2_6-1_0-2.6.2-6.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"python-2.6.2-6.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"python-base-2.6.2-6.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"python-curses-2.6.2-6.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"python-demo-2.6.2-6.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"python-devel-2.6.2-6.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"python-gdbm-2.6.2-6.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"python-idle-2.6.2-6.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"python-tk-2.6.2-6.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", reference:\"python-xml-2.6.2-6.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"libpython2_6-1_0-32bit-2.6.2-6.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"python-32bit-2.6.2-6.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.2\", cpu:\"x86_64\", reference:\"python-base-32bit-2.6.2-6.7.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpython2_6-1_0 / libpython2_6-1_0-32bit / python / python-32bit / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:22", "description": "Rebase of python3 from 3.2.2 to 3.2.3 bringing in security fixes, along with other bugfixes.\n\nSee http://python.org/download/releases/3.2.3/\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-05-07T00:00:00", "type": "nessus", "title": "Fedora 17 : python3-3.2.3-5.fc17 (2012-5785) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2012-0845", "CVE-2012-1150"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python3", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2012-5785.NASL", "href": "https://www.tenable.com/plugins/nessus/58996", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5785.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58996);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_bugtraq_id(49778, 51239, 51996);\n script_xref(name:\"FEDORA\", value:\"2012-5785\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Fedora 17 : python3-3.2.3-5.fc17 (2012-5785) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Rebase of python3 from 3.2.2 to 3.2.3 bringing in security fixes,\nalong with other bugfixes.\n\nSee http://python.org/download/releases/3.2.3/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.python.org/download/releases/3.2.3/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=750555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=789790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=812068\");\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080066.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e96a7c4e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python3 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"python3-3.2.3-5.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:12", "description": "Rebase of Python 3 ('python3') from 3.2 to 3.2.3 bringing in security fixes, along with other bugfixes.\n\nSee http://python.org/download/releases/3.2.3/\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-05-04T00:00:00", "type": "nessus", "title": "Fedora 15 : python3-3.2.3-1.fc15 (2012-5916) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2012-0845", "CVE-2012-1150"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python3", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2012-5916.NASL", "href": "https://www.tenable.com/plugins/nessus/58979", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5916.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58979);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_bugtraq_id(49778, 51239, 51996);\n script_xref(name:\"FEDORA\", value:\"2012-5916\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Fedora 15 : python3-3.2.3-1.fc15 (2012-5916) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Rebase of Python 3 ('python3') from 3.2 to 3.2.3 bringing in security\nfixes, along with other bugfixes.\n\nSee http://python.org/download/releases/3.2.3/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.python.org/download/releases/3.2.3/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=750555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=789790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=812068\");\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/079698.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9a2c301b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python3 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"python3-3.2.3-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:42", "description": "Fixes debug build systemtap support. Rebase of python3 from 3.2.1 to 3.2.3 bringing in security fixes, along with many other bug fixes. The compiled *.pyc and *.pyo files are now properly compiled so python3 doesn't try to recompile them over and over on runtime anymore.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-06-20T00:00:00", "type": "nessus", "title": "Fedora 16 : python3-3.2.3-2.fc16 (2012-9135) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2012-0845", "CVE-2012-1150"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python3", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-9135.NASL", "href": "https://www.tenable.com/plugins/nessus/59580", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-9135.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59580);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_bugtraq_id(49778, 51239, 51996);\n script_xref(name:\"FEDORA\", value:\"2012-9135\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Fedora 16 : python3-3.2.3-2.fc16 (2012-9135) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Fixes debug build systemtap support. Rebase of python3 from 3.2.1 to\n3.2.3 bringing in security fixes, along with many other bug fixes. The\ncompiled *.pyc and *.pyo files are now properly compiled so python3\ndoesn't try to recompile them over and over on runtime anymore.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=750555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=789790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=812068\");\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-June/082457.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b72781c3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python3 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"python3-3.2.3-2.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:23", "description": "Rebase of Python 2 ('python' and 'python-docs') from 2.7.2 to 2.7.3 bringing in security fixes, along with other bugfixes.\n\nSee http://python.org/download/releases/2.7.3/\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-05-07T00:00:00", "type": "nessus", "title": "Fedora 16 : python-2.7.3-1.fc16 / python-docs-2.7.3-1.fc16 (2012-5924) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2012-0845", "CVE-2012-1150"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python", "p-cpe:/a:fedoraproject:fedora:python-docs", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-5924.NASL", "href": "https://www.tenable.com/plugins/nessus/58997", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5924.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58997);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_bugtraq_id(49778, 51239, 51996);\n script_xref(name:\"FEDORA\", value:\"2012-5924\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Fedora 16 : python-2.7.3-1.fc16 / python-docs-2.7.3-1.fc16 (2012-5924) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Rebase of Python 2 ('python' and 'python-docs') from 2.7.2 to 2.7.3\nbringing in security fixes, along with other bugfixes.\n\nSee http://python.org/download/releases/2.7.3/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.python.org/download/releases/2.7.3/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=750555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=789790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=812068\");\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/079978.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?16ed5efa\");\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/079979.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b6c0f47e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python and / or python-docs packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"python-2.7.3-1.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"python-docs-2.7.3-1.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-docs\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:29", "description": "Rebase of Python 2 ('python') from 2.7.2 to 2.7.3, bringing in security fixes, along with numerous other bugfixes.\n\nSee http://python.org/download/releases/2.7.3/\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-05-02T00:00:00", "type": "nessus", "title": "Fedora 17 : python-2.7.3-3.fc17 / python-docs-2.7.3-1.fc17 (2012-5892) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2012-0845", "CVE-2012-1150"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python", "p-cpe:/a:fedoraproject:fedora:python-docs", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2012-5892.NASL", "href": "https://www.tenable.com/plugins/nessus/58956", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-5892.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58956);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_bugtraq_id(49778, 51239, 51996);\n script_xref(name:\"FEDORA\", value:\"2012-5892\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Fedora 17 : python-2.7.3-3.fc17 / python-docs-2.7.3-1.fc17 (2012-5892) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Rebase of Python 2 ('python') from 2.7.2 to 2.7.3, bringing in\nsecurity fixes, along with numerous other bugfixes.\n\nSee http://python.org/download/releases/2.7.3/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.python.org/download/releases/2.7.3/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=750555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=789790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=812068\");\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/079569.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?da059612\");\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/079570.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c0e5e969\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python and / or python-docs packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"python-2.7.3-3.fc17\")) flag++;\nif (rpm_check(release:\"FC17\", reference:\"python-docs-2.7.3-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-docs\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-10T16:42:05", "description": "The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0027 advisory.\n\n - Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which might allow local users to execute arbitrary code via a Trojan horse Python file in the current working directory. (CVE-2008-5983)\n\n - Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an invalid pointer dereference. (CVE-2009-4134)\n\n - Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-3143.12. (CVE-2010-1449)\n\n - Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function. (CVE-2010-1450)\n\n - Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5. (CVE-2010-1634)\n\n - The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634. (CVE-2010-2089)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-09-07T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : python (ELSA-2011-0027)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3143", "CVE-2008-5983", "CVE-2009-4134", "CVE-2010-1449", "CVE-2010-1450", "CVE-2010-1634", "CVE-2010-2089"], "modified": "2023-09-07T00:00:00", "cpe": ["cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:python", "p-cpe:/a:oracle:linux:python-devel", "p-cpe:/a:oracle:linux:python-libs", "p-cpe:/a:oracle:linux:python-tools", "p-cpe:/a:oracle:linux:tkinter"], "id": "ORACLELINUX_ELSA-2011-0027.NASL", "href": "https://www.tenable.com/plugins/nessus/181052", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2011-0027.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(181052);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/07\");\n\n script_cve_id(\n \"CVE-2008-5983\",\n \"CVE-2009-4134\",\n \"CVE-2010-1449\",\n \"CVE-2010-1450\",\n \"CVE-2010-1634\",\n \"CVE-2010-2089\"\n );\n\n script_name(english:\"Oracle Linux 5 : python (ELSA-2011-0027)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2011-0027 advisory.\n\n - Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and\n possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a\n path separator, which might allow local users to execute arbitrary code via a Trojan horse Python file in\n the current working directory. (CVE-2008-5983)\n\n - Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service\n (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an\n invalid pointer dereference. (CVE-2009-4134)\n\n - Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an\n unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists\n because of an incomplete fix for CVE-2008-3143.12. (CVE-2010-1449)\n\n - Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to\n have an unspecified impact via an image file containing crafted data that triggers improper processing\n within the (1) longimagedata or (2) expandrow function. (CVE-2010-1450)\n\n - Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow\n context-dependent attackers to cause a denial of service (application crash) via a large fragment, as\n demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer\n overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5. (CVE-2010-1634)\n\n - The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte\n string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption\n and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte\n string, a different vulnerability than CVE-2010-1634. (CVE-2010-2089)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2011-0027.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2010-1450\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2010-1449\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/01/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/09/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tkinter\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 5', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'python-2.4.3-43.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-devel-2.4.3-43.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-libs-2.4.3-43.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-tools-2.4.3-43.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tkinter-2.4.3-43.el5', 'cpu':'i386', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-2.4.3-43.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-devel-2.4.3-43.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-libs-2.4.3-43.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-tools-2.4.3-43.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tkinter-2.4.3-43.el5', 'cpu':'x86_64', 'release':'5', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python / python-devel / python-libs / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:27:44", "description": "The remote NewStart CGSL host, running version MAIN 5.04, has python packages installed that are affected by multiple vulnerabilities:\n\n - Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) the tovideo method, and unspecified other vectors related to (2) imageop.c, (3) rbgimgmodule.c, and other files, which trigger heap-based buffer overflows. (CVE-2007-4965)\n\n - Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context- dependent attackers to defeat cryptographic digests, related to partial hashlib hashing of data exceeding 4GB. (CVE-2008-2316)\n\n - Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which might allow local users to execute arbitrary code via a Trojan horse Python file in the current working directory. (CVE-2008-5983)\n\n - Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context- dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5. (CVE-2010-1634)\n\n - The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one- byte string, a different vulnerability than CVE-2010-1634. (CVE-2010-2089)\n\n - The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in- the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. (CVE-2013-4238)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 5.04 : python Multiple Vulnerabilities (NS-SA-2019-0008)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2007-4965", "CVE-2008-2316", "CVE-2008-3143", "CVE-2008-5983", "CVE-2009-2408", "CVE-2010-1634", "CVE-2010-2089", "CVE-2013-4238"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0008_PYTHON.NASL", "href": "https://www.tenable.com/plugins/nessus/127154", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0008. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127154);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\n \"CVE-2007-4965\",\n \"CVE-2008-2316\",\n \"CVE-2008-5983\",\n \"CVE-2010-1634\",\n \"CVE-2010-2089\",\n \"CVE-2013-4238\"\n );\n\n script_name(english:\"NewStart CGSL MAIN 5.04 : python Multiple Vulnerabilities (NS-SA-2019-0008)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 5.04, has python packages installed that are affected by multiple\nvulnerabilities:\n\n - Multiple integer overflows in the imageop module in\n Python 2.5.1 and earlier allow context-dependent\n attackers to cause a denial of service (application\n crash) and possibly obtain sensitive information (memory\n contents) via crafted arguments to (1) the tovideo\n method, and unspecified other vectors related to (2)\n imageop.c, (3) rbgimgmodule.c, and other files, which\n trigger heap-based buffer overflows. (CVE-2007-4965)\n\n - Integer overflow in _hashopenssl.c in the hashlib module\n in Python 2.5.2 and earlier might allow context-\n dependent attackers to defeat cryptographic digests,\n related to partial hashlib hashing of data exceeding\n 4GB. (CVE-2008-2316)\n\n - Untrusted search path vulnerability in the PySys_SetArgv\n API function in Python 2.6 and earlier, and possibly\n later versions, prepends an empty string to sys.path\n when the argv[0] argument does not contain a path\n separator, which might allow local users to execute\n arbitrary code via a Trojan horse Python file in the\n current working directory. (CVE-2008-5983)\n\n - Multiple integer overflows in audioop.c in the audioop\n module in Python 2.6, 2.7, 3.1, and 3.2 allow context-\n dependent attackers to cause a denial of service\n (application crash) via a large fragment, as\n demonstrated by a call to audioop.lin2lin with a long\n string in the first argument, leading to a buffer\n overflow. NOTE: this vulnerability exists because of an\n incorrect fix for CVE-2008-3143.5. (CVE-2010-1634)\n\n - The audioop module in Python 2.7 and 3.2 does not verify\n the relationships between size arguments and byte string\n lengths, which allows context-dependent attackers to\n cause a denial of service (memory corruption and\n application crash) via crafted arguments, as\n demonstrated by a call to audioop.reverse with a one-\n byte string, a different vulnerability than\n CVE-2010-1634. (CVE-2010-2089)\n\n - The ssl.match_hostname function in the SSL module in\n Python 2.6 through 3.4 does not properly handle a '\\0'\n character in a domain name in the Subject Alternative\n Name field of an X.509 certificate, which allows man-in-\n the-middle attackers to spoof arbitrary SSL servers via\n a crafted certificate issued by a legitimate\n Certification Authority, a related issue to\n CVE-2009-2408. (CVE-2013-4238)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0008\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL python packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2008-2316\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/09/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL MAIN 5.04\": [\n \"python-2.7.5-58.el7.cgslv5.0.1.g6d96868\",\n \"python-debug-2.7.5-58.el7.cgslv5.0.1.g6d96868\",\n \"python-debuginfo-2.7.5-58.el7.cgslv5.0.1.g6d96868\",\n \"python-devel-2.7.5-58.el7.cgslv5.0.1.g6d96868\",\n \"python-libs-2.7.5-58.el7.cgslv5.0.1.g6d96868\",\n \"python-test-2.7.5-58.el7.cgslv5.0.1.g6d96868\",\n \"python-tools-2.7.5-58.el7.cgslv5.0.1.g6d96868\",\n \"tkinter-2.7.5-58.el7.cgslv5.0.1.g6d96868\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:11:23", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a 'BEAST' attack. (CVE-2011-3389)\n\n - SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header. (CVE-2012-0845)\n\n - The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value. (CVE-2012-0876)\n\n - Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. (CVE-2012-1150)", "cvss3": {}, "published": "2015-01-19T00:00:00", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : python (multiple_vulnerabilities_in_python) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389", "CVE-2012-0845", "CVE-2012-0876", "CVE-2012-1150"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.1", "p-cpe:/a:oracle:solaris:python"], "id": "SOLARIS11_PYTHON_20130410.NASL", "href": "https://www.tenable.com/plugins/nessus/80749", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80749);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2011-3389\",\n \"CVE-2012-0845\",\n \"CVE-2012-0876\",\n \"CVE-2012-1150\"\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : python (multiple_vulnerabilities_in_python) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - The SSL protocol, as used in certain configurations in\n Microsoft Windows and Microsoft Internet Explorer,\n Mozilla Firefox, Google Chrome, Opera, and other\n products, encrypts data by using CBC mode with chained\n initialization vectors, which allows man-in-the-middle\n attackers to obtain plaintext HTTP headers via a\n blockwise chosen-boundary attack (BCBA) on an HTTPS\n session, in conjunction with JavaScript code that uses\n (1) the HTML5 WebSocket API, (2) the Java URLConnection\n API, or (3) the Silverlight WebClient API, aka a 'BEAST'\n attack. (CVE-2011-3389)\n\n - SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python\n before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and\n 3.2.x before 3.2.3 allows remote attackers to cause a\n denial of service (infinite loop and CPU consumption)\n via an XML-RPC POST request that contains a smaller\n amount of data than specified by the Content-Length\n header. (CVE-2012-0845)\n\n - The XML parser (xmlparse.c) in expat before 2.1.0\n computes hash values without restricting the ability to\n trigger hash collisions predictably, which allows\n context-dependent attackers to cause a denial of service\n (CPU consumption) via an XML file with many identifiers\n with the same value. (CVE-2012-0876)\n\n - Python before 2.6.8, 2.7.x before 2.7.3, 3.x before\n 3.1.5, and 3.2.x before 3.2.3 computes hash values\n without restricting the ability to trigger hash\n collisions predictably, which allows context-dependent\n attackers to cause a denial of service (CPU consumption)\n via crafted input to an application that maintains a\n hash table. (CVE-2012-1150)\");\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4a913f44\");\n # https://blogs.oracle.com/sunsecurity/multiple-vulnerabilities-in-python\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9a660295\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Solaris 11.1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:python\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Solaris Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^python-\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.0.0.0.0\", sru:\"SRU 0\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : python\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_warning(port:0, extra:error_extra);\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"python\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:27:21", "description": "Apache2 mod_python has been changed to enable randomized hashes to help fixing denial of service problems by injecting prepared values into Python hash functions. (CVE-2012-1150)\n\nAs some Python scripts might need a known hashing order, the old behaviour can be restored using a newly introduced module option called\n\nPythonRandomizeHashes\n\nThe option is default on, but can be disabled if necessary for compatibility with above scripts.", "cvss3": {}, "published": "2012-08-14T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : apache2-mod_python (ZYPP Patch Number 8127)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1150"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_APACHE2-MOD_PYTHON-8127.NASL", "href": "https://www.tenable.com/plugins/nessus/61523", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61523);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-1150\");\n\n script_name(english:\"SuSE 10 Security Update : apache2-mod_python (ZYPP Patch Number 8127)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Apache2 mod_python has been changed to enable randomized hashes to\nhelp fixing denial of service problems by injecting prepared values\ninto Python hash functions. (CVE-2012-1150)\n\nAs some Python scripts might need a known hashing order, the old\nbehaviour can be restored using a newly introduced module option\ncalled\n\nPythonRandomizeHashes\n\nThe option is default on, but can be disabled if necessary for\ncompatibility with above scripts.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-1150.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8127.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"apache2-mod_python-3.1.3-60.19.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:37", "description": "python3 was fixed for :\n\n - Fix bnc#758993 - CVE-2012-2135: python3 utf-16 decoder unicode_decode_call_errorhandler aligned_end is not updated", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : python3 (openSUSE-SU-2012:0861-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2135"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpython3_2mu1_0", "p-cpe:/a:novell:opensuse:libpython3_2mu1_0-32bit", "p-cpe:/a:novell:opensuse:libpython3_2mu1_0-debuginfo", "p-cpe:/a:novell:opensuse:libpython3_2mu1_0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:python3", "p-cpe:/a:novell:opensuse:python3-2to3", "p-cpe:/a:novell:opensuse:python3-32bit", "p-cpe:/a:novell:opensuse:python3-base", "p-cpe:/a:novell:opensuse:python3-base-debuginfo", "p-cpe:/a:novell:opensuse:python3-base-debugsource", "p-cpe:/a:novell:opensuse:python3-curses", "p-cpe:/a:novell:opensuse:python3-curses-debuginfo", "p-cpe:/a:novell:opensuse:python3-dbm", "p-cpe:/a:novell:opensuse:python3-dbm-debuginfo", "p-cpe:/a:novell:opensuse:python3-debuginfo", "p-cpe:/a:novell:opensuse:python3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:python3-debugsource", "p-cpe:/a:novell:opensuse:python3-devel", "p-cpe:/a:novell:opensuse:python3-devel-debuginfo", "p-cpe:/a:novell:opensuse:python3-doc-pdf", "p-cpe:/a:novell:opensuse:python3-idle", "p-cpe:/a:novell:opensuse:python3-tk", "p-cpe:/a:novell:opensuse:python3-tk-debuginfo", "p-cpe:/a:novell:opensuse:python3-tools", "p-cpe:/a:novell:opensuse:python3-xml", "p-cpe:/a:novell:opensuse:python3-xml-debuginfo", "cpe:/o:novell:opensuse:12.1"], "id": "OPENSUSE-2012-380.NASL", "href": "https://www.tenable.com/plugins/nessus/74675", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-380.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74675);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-2135\");\n\n script_name(english:\"openSUSE Security Update : python3 (openSUSE-SU-2012:0861-1)\");\n script_summary(english:\"Check for the openSUSE-2012-380 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"python3 was fixed for :\n\n - Fix bnc#758993 - CVE-2012-2135: python3 utf-16 decoder\n unicode_decode_call_errorhandler aligned_end is not\n updated\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=758993\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-07/msg00022.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython3_2mu1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython3_2mu1_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython3_2mu1_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpython3_2mu1_0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-2to3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-base-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-curses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-curses-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-dbm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-dbm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-tk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-xml-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/07/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libpython3_2mu1_0-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libpython3_2mu1_0-debuginfo-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-2to3-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-base-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-base-debuginfo-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-base-debugsource-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-curses-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-curses-debuginfo-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-dbm-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-dbm-debuginfo-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-debuginfo-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-debugsource-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-devel-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-devel-debuginfo-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-doc-pdf-3.2-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-idle-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-tk-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-tk-debuginfo-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-tools-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-xml-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"python3-xml-debuginfo-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libpython3_2mu1_0-32bit-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libpython3_2mu1_0-debuginfo-32bit-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"python3-32bit-3.2.1-5.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"python3-debuginfo-32bit-3.2.1-5.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:31:47", "description": "Apache2 mod_python has been changed to enable randomized hashes to help fixing denial of service problems by injecting prepared values into Python hash functions. (CVE-2012-1150)\n\nAs some Python scripts might need a known hashing order, the old behaviour can be restored using a newly introduced module option called\n\nPythonRandomizeHashes\n\nThe option is default on, but can be disabled if necessary for compatibility with above scripts.", "cvss3": {}, "published": "2013-01-25T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : apache2-mod_python (SAT Patch Number 6247)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1150"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:apache2-mod_python", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_APACHE2-MOD_PYTHON-120503.NASL", "href": "https://www.tenable.com/plugins/nessus/64108", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64108);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-1150\");\n\n script_name(english:\"SuSE 11.1 Security Update : apache2-mod_python (SAT Patch Number 6247)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Apache2 mod_python has been changed to enable randomized hashes to\nhelp fixing denial of service problems by injecting prepared values\ninto Python hash functions. (CVE-2012-1150)\n\nAs some Python scripts might need a known hashing order, the old\nbehaviour can be restored using a newly introduced module option\ncalled\n\nPythonRandomizeHashes\n\nThe option is default on, but can be disabled if necessary for\ncompatibility with above scripts.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=757549\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-1150.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 6247.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:apache2-mod_python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"apache2-mod_python-3.3.1-147.24.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:23:28", "description": "SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header.", "cvss3": {}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : python27 (ALAS-2012-81)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0845"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python27", "p-cpe:/a:amazon:linux:python27-debuginfo", "p-cpe:/a:amazon:linux:python27-devel", "p-cpe:/a:amazon:linux:python27-libs", "p-cpe:/a:amazon:linux:python27-test", "p-cpe:/a:amazon:linux:python27-tools", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-81.NASL", "href": "https://www.tenable.com/plugins/nessus/69688", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-81.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69688);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-0845\");\n script_xref(name:\"ALAS\", value:\"2012-81\");\n\n script_name(english:\"Amazon Linux AMI : python27 (ALAS-2012-81)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8,\n2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows\nremote attackers to cause a denial of service (infinite loop and CPU\nconsumption) via an XML-RPC POST request that contains a smaller\namount of data than specified by the Content-Length header.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-81.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update python27' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"python27-2.7.3-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python27-debuginfo-2.7.3-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python27-devel-2.7.3-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python27-libs-2.7.3-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python27-test-2.7.3-1.18.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python27-tools-2.7.3-1.18.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python27 / python27-debuginfo / python27-devel / python27-libs / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:20", "description": "Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming language.\n\nA flaw was found in the Python urllib and urllib2 libraries where they would not differentiate between different target URLs when handling automatic redirects. This caused Python applications using these modules to follow any new URL that they understood, including the 'file://' URL type. This could allow a remote server to force a local Python application to read a local file instead of the remote one, possibly exposing local files that were not meant to be exposed.\n(CVE-2011-1521)\n\nMultiple flaws were found in the Python audioop module. Supplying certain inputs could cause the audioop module to crash or, possibly, execute arbitrary code. (CVE-2010-1634, CVE-2010-2089)\n\nA race condition was found in the way the Python smtpd module handled new connections. A remote user could use this flaw to cause a Python script using the smtpd module to terminate. (CVE-2010-3493)\n\nAn information disclosure flaw was found in the way the Python CGIHTTPServer module processed certain HTTP GET requests. A remote attacker could use a specially crafted request to obtain the CGI script's source code. (CVE-2011-1015)\n\nA buffer over-read flaw was found in the way the Python Expat parser handled malformed UTF-8 sequences when processing XML files. A specially crafted XML file could cause Python applications using the Python Expat parser to crash while parsing the file. (CVE-2009-3720)\n\nThis update makes Python use the system Expat library rather than its own internal copy; therefore, users must have the version of Expat shipped with RHSA-2009:1625 installed, or a later version, to resolve the CVE-2009-3720 issue.\n\nAll Python users should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2011-05-06T00:00:00", "type": "nessus", "title": "CentOS 4 : python (CESA-2011:0491)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3720", "CVE-2010-1634", "CVE-2010-2089", "CVE-2010-3493", "CVE-2011-1015", "CVE-2011-1521"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:python", "p-cpe:/a:centos:centos:python-devel", "p-cpe:/a:centos:centos:python-docs", "p-cpe:/a:centos:centos:python-tools", "p-cpe:/a:centos:centos:tkinter", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2011-0491.NASL", "href": "https://www.tenable.com/plugins/nessus/53814", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0491 and \n# CentOS Errata and Security Advisory 2011:0491 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53814);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-3720\", \"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3493\", \"CVE-2011-1015\", \"CVE-2011-1521\");\n script_bugtraq_id(36097, 40370, 40863, 44533, 46541, 47024);\n script_xref(name:\"RHSA\", value:\"2011:0491\");\n\n script_name(english:\"CentOS 4 : python (CESA-2011:0491)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nA flaw was found in the Python urllib and urllib2 libraries where they\nwould not differentiate between different target URLs when handling\nautomatic redirects. This caused Python applications using these\nmodules to follow any new URL that they understood, including the\n'file://' URL type. This could allow a remote server to force a local\nPython application to read a local file instead of the remote one,\npossibly exposing local files that were not meant to be exposed.\n(CVE-2011-1521)\n\nMultiple flaws were found in the Python audioop module. Supplying\ncertain inputs could cause the audioop module to crash or, possibly,\nexecute arbitrary code. (CVE-2010-1634, CVE-2010-2089)\n\nA race condition was found in the way the Python smtpd module handled\nnew connections. A remote user could use this flaw to cause a Python\nscript using the smtpd module to terminate. (CVE-2010-3493)\n\nAn information disclosure flaw was found in the way the Python\nCGIHTTPServer module processed certain HTTP GET requests. A remote\nattacker could use a specially crafted request to obtain the CGI\nscript's source code. (CVE-2011-1015)\n\nA buffer over-read flaw was found in the way the Python Expat parser\nhandled malformed UTF-8 sequences when processing XML files. A\nspecially crafted XML file could cause Python applications using the\nPython Expat parser to crash while parsing the file. (CVE-2009-3720)\n\nThis update makes Python use the system Expat library rather than its\nown internal copy; therefore, users must have the version of Expat\nshipped with RHSA-2009:1625 installed, or a later version, to resolve\nthe CVE-2009-3720 issue.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-May/017520.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2f668285\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-May/017521.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?44c69a2a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"python-2.3.4-14.10.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"python-2.3.4-14.10.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"python-devel-2.3.4-14.10.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"python-devel-2.3.4-14.10.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"python-docs-2.3.4-14.10.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"python-docs-2.3.4-14.10.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"python-tools-2.3.4-14.10.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"python-tools-2.3.4-14.10.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"tkinter-2.3.4-14.10.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"tkinter-2.3.4-14.10.el4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-devel / python-docs / python-tools / tkinter\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:39", "description": "Jan Lieskovsky reports,\n\nA denial of service flaw was found in the way Simple XML-RPC Server module of Python processed client connections, that were closed prior the complete request body has been received. A remote attacker could use this flaw to cause Python Simple XML-RPC based server process to consume excessive amount of CPU.", "cvss3": {}, "published": "2012-02-14T00:00:00", "type": "nessus", "title": "FreeBSD : Python -- DoS via malformed XML-RPC / HTTP POST request (b4f8be9e-56b2-11e1-9fb7-003067b2972c)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0845"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:pypy", "p-cpe:/a:freebsd:freebsd:python24", "p-cpe:/a:freebsd:freebsd:python25", "p-cpe:/a:freebsd:freebsd:python26", "p-cpe:/a:freebsd:freebsd:python27", "p-cpe:/a:freebsd:freebsd:python31", "p-cpe:/a:freebsd:freebsd:python32", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_B4F8BE9E56B211E19FB7003067B2972C.NASL", "href": "https://www.tenable.com/plugins/nessus/57926", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57926);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0845\");\n\n script_name(english:\"FreeBSD : Python -- DoS via malformed XML-RPC / HTTP POST request (b4f8be9e-56b2-11e1-9fb7-003067b2972c)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jan Lieskovsky reports,\n\nA denial of service flaw was found in the way Simple XML-RPC Server\nmodule of Python processed client connections, that were closed prior\nthe complete request body has been received. A remote attacker could\nuse this flaw to cause Python Simple XML-RPC based server process to\nconsume excessive amount of CPU.\"\n );\n # http://bugs.python.org/issue14001\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.python.org/issue14001\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=789790\"\n );\n # https://bugs.pypy.org/issue1047\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://web.archive.org/liveweb/https://bugs.pypy.org/issue1047\"\n );\n # https://vuxml.freebsd.org/freebsd/b4f8be9e-56b2-11e1-9fb7-003067b2972c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e2b6abf4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:pypy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:python24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:python25\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:python26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:python27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:python31\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:python32\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/02/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"python32<=3.2.2_2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"python31<=3.1.4_2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"python27<=2.7.2_3\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"python26<=2.6.7_2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"python25<=2.5.6_2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"python24<=2.4.5_8\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"pypy<=1.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:21", "description": "Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming language.\n\nA flaw was found in the Python urllib and urllib2 libraries where they would not differentiate between different target URLs when handling automatic redirects. This caused Python applications using these modules to follow any new URL that they understood, including the 'file://' URL type. This could allow a remote server to force a local Python application to read a local file instead of the remote one, possibly exposing local files that were not meant to be exposed.\n(CVE-2011-1521)\n\nMultiple flaws were found in the Python audioop module. Supplying certain inputs could cause the audioop module to crash or, possibly, execute arbitrary code. (CVE-2010-1634, CVE-2010-2089)\n\nA race condition was found in the way the Python smtpd module handled new connections. A remote user could use this flaw to cause a Python script using the smtpd module to terminate. (CVE-2010-3493)\n\nAn information disclosure flaw was found in the way the Python CGIHTTPServer module processed certain HTTP GET requests. A remote attacker could use a specially crafted request to obtain the CGI script's source code. (CVE-2011-1015)\n\nA buffer over-read flaw was found in the way the Python Expat parser handled malformed UTF-8 sequences when processing XML files. A specially crafted XML file could cause Python applications using the Python Expat parser to crash while parsing the file. (CVE-2009-3720)\n\nThis update makes Python use the system Expat library rather than its own internal copy; therefore, users must have the version of Expat shipped with RHSA-2009:1625 installed, or a later version, to resolve the CVE-2009-3720 issue.\n\nAll Python users should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2011-05-06T00:00:00", "type": "nessus", "title": "RHEL 4 : python (RHSA-2011:0491)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3720", "CVE-2010-1634", "CVE-2010-2089", "CVE-2010-3493", "CVE-2011-1015", "CVE-2011-1521"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python", "p-cpe:/a:redhat:enterprise_linux:python-devel", "p-cpe:/a:redhat:enterprise_linux:python-docs", "p-cpe:/a:redhat:enterprise_linux:python-tools", "p-cpe:/a:redhat:enterprise_linux:tkinter", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8"], "id": "REDHAT-RHSA-2011-0491.NASL", "href": "https://www.tenable.com/plugins/nessus/53820", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0491. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53820);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3720\", \"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3493\", \"CVE-2011-1015\", \"CVE-2011-1521\");\n script_bugtraq_id(36097, 40370, 40863, 44533, 46541, 47024);\n script_xref(name:\"RHSA\", value:\"2011:0491\");\n\n script_name(english:\"RHEL 4 : python (RHSA-2011:0491)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nA flaw was found in the Python urllib and urllib2 libraries where they\nwould not differentiate between different target URLs when handling\nautomatic redirects. This caused Python applications using these\nmodules to follow any new URL that they understood, including the\n'file://' URL type. This could allow a remote server to force a local\nPython application to read a local file instead of the remote one,\npossibly exposing local files that were not meant to be exposed.\n(CVE-2011-1521)\n\nMultiple flaws were found in the Python audioop module. Supplying\ncertain inputs could cause the audioop module to crash or, possibly,\nexecute arbitrary code. (CVE-2010-1634, CVE-2010-2089)\n\nA race condition was found in the way the Python smtpd module handled\nnew connections. A remote user could use this flaw to cause a Python\nscript using the smtpd module to terminate. (CVE-2010-3493)\n\nAn information disclosure flaw was found in the way the Python\nCGIHTTPServer module processed certain HTTP GET requests. A remote\nattacker could use a specially crafted request to obtain the CGI\nscript's source code. (CVE-2011-1015)\n\nA buffer over-read flaw was found in the way the Python Expat parser\nhandled malformed UTF-8 sequences when processing XML files. A\nspecially crafted XML file could cause Python applications using the\nPython Expat parser to crash while parsing the file. (CVE-2009-3720)\n\nThis update makes Python use the system Expat library rather than its\nown internal copy; therefore, users must have the version of Expat\nshipped with RHSA-2009:1625 installed, or a later version, to resolve\nthe CVE-2009-3720 issue.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-3720\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1634\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2089\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3493\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1015\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1521\"\n );\n # https://rhn.redhat.com/errata/RHSA-2009-1625.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1625\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0491\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0491\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"python-2.3.4-14.10.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"python-devel-2.3.4-14.10.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"python-docs-2.3.4-14.10.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"python-tools-2.3.4-14.10.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"tkinter-2.3.4-14.10.el4\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-devel / python-docs / python-tools / tkinter\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:23:53", "description": "SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header.", "cvss3": {}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : python26 (ALAS-2012-80)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0845"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python26", "p-cpe:/a:amazon:linux:python26-debuginfo", "p-cpe:/a:amazon:linux:python26-devel", "p-cpe:/a:amazon:linux:python26-libs", "p-cpe:/a:amazon:linux:python26-test", "p-cpe:/a:amazon:linux:python26-tools", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-80.NASL", "href": "https://www.tenable.com/plugins/nessus/69687", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-80.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69687);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-0845\");\n script_xref(name:\"ALAS\", value:\"2012-80\");\n\n script_name(english:\"Amazon Linux AMI : python26 (ALAS-2012-80)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8,\n2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows\nremote attackers to cause a denial of service (infinite loop and CPU\nconsumption) via an XML-RPC POST request that contains a smaller\namount of data than specified by the Content-Length header.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-80.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update python26' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"python26-2.6.8-1.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python26-debuginfo-2.6.8-1.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python26-devel-2.6.8-1.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python26-libs-2.6.8-1.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python26-test-2.6.8-1.45.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"python26-tools-2.6.8-1.45.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python26 / python26-debuginfo / python26-devel / python26-libs / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:37:52", "description": "From Red Hat Security Advisory 2011:0491 :\n\nUpdated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming language.\n\nA flaw was found in the Python urllib and urllib2 libraries where they would not differentiate between different target URLs when handling automatic redirects. This caused Python applications using these modules to follow any new URL that they understood, including the 'file://' URL type. This could allow a remote server to force a local Python application to read a local file instead of the remote one, possibly exposing local files that were not meant to be exposed.\n(CVE-2011-1521)\n\nMultiple flaws were found in the Python audioop module. Supplying certain inputs could cause the audioop module to crash or, possibly, execute arbitrary code. (CVE-2010-1634, CVE-2010-2089)\n\nA race condition was found in the way the Python smtpd module handled new connections. A remote user could use this flaw to cause a Python script using the smtpd module to terminate. (CVE-2010-3493)\n\nAn information disclosure flaw was found in the way the Python CGIHTTPServer module processed certain HTTP GET requests. A remote attacker could use a specially crafted request to obtain the CGI script's source code. (CVE-2011-1015)\n\nA buffer over-read flaw was found in the way the Python Expat parser handled malformed UTF-8 sequences when processing XML files. A specially crafted XML file could cause Python applications using the Python Expat parser to crash while parsing the file. (CVE-2009-3720)\n\nThis update makes Python use the system Expat library rather than its own internal copy; therefore, users must have the version of Expat shipped with RHSA-2009:1625 installed, or a later version, to resolve the CVE-2009-3720 issue.\n\nAll Python users should upgrade to these updated packages, which contain backported patches to correct these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 : python (ELSA-2011-0491)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3720", "CVE-2010-1634", "CVE-2010-2089", "CVE-2010-3493", "CVE-2011-1015", "CVE-2011-1521"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:python", "p-cpe:/a:oracle:linux:python-devel", "p-cpe:/a:oracle:linux:python-docs", "p-cpe:/a:oracle:linux:python-tools", "p-cpe:/a:oracle:linux:tkinter", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2011-0491.NASL", "href": "https://www.tenable.com/plugins/nessus/68270", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0491 and \n# Oracle Linux Security Advisory ELSA-2011-0491 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68270);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3720\", \"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3493\", \"CVE-2011-1015\", \"CVE-2011-1521\");\n script_bugtraq_id(36097, 40370, 40863, 44533, 46541, 47024);\n script_xref(name:\"RHSA\", value:\"2011:0491\");\n\n script_name(english:\"Oracle Linux 4 : python (ELSA-2011-0491)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0491 :\n\nUpdated python packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nA flaw was found in the Python urllib and urllib2 libraries where they\nwould not differentiate between different target URLs when handling\nautomatic redirects. This caused Python applications using these\nmodules to follow any new URL that they understood, including the\n'file://' URL type. This could allow a remote server to force a local\nPython application to read a local file instead of the remote one,\npossibly exposing local files that were not meant to be exposed.\n(CVE-2011-1521)\n\nMultiple flaws were found in the Python audioop module. Supplying\ncertain inputs could cause the audioop module to crash or, possibly,\nexecute arbitrary code. (CVE-2010-1634, CVE-2010-2089)\n\nA race condition was found in the way the Python smtpd module handled\nnew connections. A remote user could use this flaw to cause a Python\nscript using the smtpd module to terminate. (CVE-2010-3493)\n\nAn information disclosure flaw was found in the way the Python\nCGIHTTPServer module processed certain HTTP GET requests. A remote\nattacker could use a specially crafted request to obtain the CGI\nscript's source code. (CVE-2011-1015)\n\nA buffer over-read flaw was found in the way the Python Expat parser\nhandled malformed UTF-8 sequences when processing XML files. A\nspecially crafted XML file could cause Python applications using the\nPython Expat parser to crash while parsing the file. (CVE-2009-3720)\n\nThis update makes Python use the system Expat library rather than its\nown internal copy; therefore, users must have the version of Expat\nshipped with RHSA-2009:1625 installed, or a later version, to resolve\nthe CVE-2009-3720 issue.\n\nAll Python users should upgrade to these updated packages, which\ncontain backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-May/002122.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected python packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"python-2.3.4-14.10.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"python-devel-2.3.4-14.10.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"python-docs-2.3.4-14.10.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"python-tools-2.3.4-14.10.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"tkinter-2.3.4-14.10.el4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-devel / python-docs / python-tools / tkinter\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:18", "description": "A flaw was found in the Python urllib and urllib2 libraries where they would not differentiate between different target URLs when handling automatic redirects. This caused Python applications using these modules to follow any new URL that they understood, including the 'file://' URL type. This could allow a remote server to force a local Python application to read a local file instead of the remote one, possibly exposing local files that were not meant to be exposed.\n(CVE-2011-1521)\n\nMultiple flaws were found in the Python audioop module. Supplying certain inputs could cause the audioop module to crash or, possibly, execute arbitrary code. (CVE-2010-1634, CVE-2010-2089)\n\nA race condition was found in the way the Python smtpd module handled new connections. A remote user could use this flaw to cause a Python script using the smtpd module to terminate. (CVE-2010-3493)\n\nAn information disclosure flaw was found in the way the Python CGIHTTPServer module processed certain HTTP GET requests. A remote attacker could use a specially crafted request to obtain the CGI script's source code. (CVE-2011-1015)\n\nA buffer over-read flaw was found in the way the Python Expat parser handled malformed UTF-8 sequences when processing XML files. A specially crafted XML file could cause Python applications using the Python Expat parser to crash while parsing the file. (CVE-2009-3720)", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : python on SL4.x, SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3720", "CVE-2010-1634", "CVE-2010-2089", "CVE-2010-3493", "CVE-2011-1015", "CVE-2011-1521"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110505_PYTHON_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61033", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61033);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-3720\", \"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3493\", \"CVE-2011-1015\", \"CVE-2011-1521\");\n\n script_name(english:\"Scientific Linux Security Update : python on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the Python urllib and urllib2 libraries where they\nwould not differentiate between different target URLs when handling\nautomatic redirects. This caused Python applications using these\nmodules to follow any new URL that they understood, including the\n'file://' URL type. This could allow a remote server to force a local\nPython application to read a local file instead of the remote one,\npossibly exposing local files that were not meant to be exposed.\n(CVE-2011-1521)\n\nMultiple flaws were found in the Python audioop module. Supplying\ncertain inputs could cause the audioop module to crash or, possibly,\nexecute arbitrary code. (CVE-2010-1634, CVE-2010-2089)\n\nA race condition was found in the way the Python smtpd module handled\nnew connections. A remote user could use this flaw to cause a Python\nscript using the smtpd module to terminate. (CVE-2010-3493)\n\nAn information disclosure flaw was found in the way the Python\nCGIHTTPServer module processed certain HTTP GET requests. A remote\nattacker could use a specially crafted request to obtain the CGI\nscript's source code. (CVE-2011-1015)\n\nA buffer over-read flaw was found in the way the Python Expat parser\nhandled malformed UTF-8 sequences when processing XML files. A\nspecially crafted XML file could cause Python applications using the\nPython Expat parser to crash while parsing the file. (CVE-2009-3720)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1105&L=scientific-linux-errata&T=0&P=474\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?acadd092\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"python-2.3.4-14.10.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"python-devel-2.3.4-14.10.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"python-docs-2.3.4-14.10.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"python-tools-2.3.4-14.10.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"tkinter-2.3.4-14.10.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"python-2.4.3-44.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"python-devel-2.4.3-44.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"python-libs-2.4.3-44.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"python-tools-2.4.3-44.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"tkinter-2.4.3-44.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:06", "description": "With this update of Python :\n\n - a race condition in the accept() implementation of smtpd.py could lead to a denial of service.\n (CVE-2010-3493)\n\n - integer overflows and insufficient size checks could crash the audioop and rgbimg modules. (CVE-2010-2089 / CVE-2010-1634 / CVE-2009-4134 / CVE-2010-1449 / CVE-2010-1450)", "cvss3": {}, "published": "2011-01-21T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : Python (ZYPP Patch Number 7314)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-4134", "CVE-2010-1449", "CVE-2010-1450", "CVE-2010-1634", "CVE-2010-2089", "CVE-2010-3493"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_PYTHON-7314.NASL", "href": "https://www.tenable.com/plugins/nessus/51642", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51642);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-4134\", \"CVE-2010-1449\", \"CVE-2010-1450\", \"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3493\");\n\n script_name(english:\"SuSE 10 Security Update : Python (ZYPP Patch Number 7314)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"With this update of Python :\n\n - a race condition in the accept() implementation of\n smtpd.py could lead to a denial of service.\n (CVE-2010-3493)\n\n - integer overflows and insufficient size checks could\n crash the audioop and rgbimg modules. (CVE-2010-2089 /\n CVE-2010-1634 / CVE-2009-4134 / CVE-2010-1449 /\n CVE-2010-1450)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-4134.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1449.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1450.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-1634.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-2089.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2010-3493.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7314.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"python-2.4.2-18.32.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"python-curses-2.4.2-18.32.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"python-devel-2.4.2-18.32.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"python-gdbm-2.4.2-18.32.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"python-tk-2.4.2-18.32.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"python-xml-2.4.2-18.32.5\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:3, cpu:\"x86_64\", reference:\"python-32bit-2.4.2-18.32.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"python-2.4.2-18.32.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"python-curses-2.4.2-18.32.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"python-demo-2.4.2-18.32.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"python-devel-2.4.2-18.32.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"python-gdbm-2.4.2-18.32.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"python-idle-2.4.2-18.32.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"python-tk-2.4.2-18.32.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"python-xml-2.4.2-18.32.5\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"python-32bit-2.4.2-18.32.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:24:31", "description": "The remote VMware ESXi 5.0 host is affected by multiple vulnerabilities :\n\n - A denial of service vulnerability exists in the big2_toUtf8() function in file lib/xmltok.c in the libexpat library. A remote attacker can exploit this, via an XML document having malformed UTF-8 sequences, to cause a buffer over-read, thus crashing the application.\n (CVE-2009-3560)\n\n - A denial of service vulnerability exists in the updatePosition() function in file lib/xmltok.c in the libexpat library. A remote attacker can exploit this, via an XML document having malformed UTF-8 sequences, to cause a buffer over-read, thus crashing the application.\n (CVE-2009-3720)\n\n - An integer overflow condition exists in the BZ2_decompress() function in file decompress.c in the bzip2 and libbzip2 library. A remote attacker can exploit this, via a crafted compressed file, to cause a denial of service or the execution of arbitrary code.\n (CVE-2010-0405)\n\n - A denial of service vulnerability exists in the audioop module due to multiple integer overflows conditions in file audioop.c. A remote attacker can exploit this, via a large fragment or argument, to cause a buffer overflow, resulting in an application crash.\n (CVE-2010-1634)\n\n - A denial of service vulnerability exists in the audioop module due to a failure to verify the relationships between size arguments and byte string length. A remote attacker can exploit this, via crafted arguments, to cause memory corruption, resulting in an application crash. (CVE-2010-2089)\n\n - A flaw exists in the urllib and urllib2 modules due to processing Location headers that specify redirection to a file. A remote attacker can exploit this, via a crafted URL, to gain sensitive information or cause a denial of service. (CVE-2011-1521)\n\n - A privilege escalation vulnerability exists due to an incorrect ACL being used for the VMware Tools folder. An attacker on an adjacent network with access to a guest operating system can exploit this to gain elevated privileges on the guest operating system.\n (CVE-2012-1518)", "cvss3": {}, "published": "2013-11-13T00:00:00", "type": "nessus", "title": "ESXi 5.0 < Build 608089 Multiple Vulnerabilities (remote check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3560", "CVE-2009-3720", "CVE-2010-0405", "CVE-2010-1634", "CVE-2010-2089", "CVE-2011-1521", "CVE-2012-1518"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/o:vmware:esxi:5.0"], "id": "VMWARE_ESXI_5_0_BUILD_608089_REMOTE.NASL", "href": "https://www.tenable.com/plugins/nessus/70881", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70881);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/11/15 20:50:24\");\n\n script_cve_id(\n \"CVE-2009-3560\",\n \"CVE-2009-3720\",\n \"CVE-2010-0405\",\n \"CVE-2010-1634\",\n \"CVE-2010-2089\",\n \"CVE-2011-1521\",\n \"CVE-2012-1518\"\n );\n script_bugtraq_id(\n 36097,\n 37203,\n 40370,\n 40863,\n 43331,\n 47024,\n 53006\n );\n script_xref(name:\"VMSA\", value:\"2012-0001\");\n script_xref(name:\"IAVB\", value:\"2010-B-0083\");\n script_xref(name:\"VMSA\", value:\"2012-0005\");\n script_xref(name:\"VMSA\", value:\"2012-0007\");\n script_xref(name:\"EDB-ID\", value:\"34145\");\n\n script_name(english:\"ESXi 5.0 < Build 608089 Multiple Vulnerabilities (remote check)\");\n script_summary(english:\"Checks the ESXi version and build number.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote VMware ESXi 5.0 host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote VMware ESXi 5.0 host is affected by multiple\nvulnerabilities :\n\n - A denial of service vulnerability exists in the\n big2_toUtf8() function in file lib/xmltok.c in the\n libexpat library. A remote attacker can exploit this,\n via an XML document having malformed UTF-8 sequences, to\n cause a buffer over-read, thus crashing the application.\n (CVE-2009-3560)\n\n - A denial of service vulnerability exists in the\n updatePosition() function in file lib/xmltok.c in the\n libexpat library. A remote attacker can exploit this,\n via an XML document having malformed UTF-8 sequences, to\n cause a buffer over-read, thus crashing the application.\n (CVE-2009-3720)\n\n - An integer overflow condition exists in the\n BZ2_decompress() function in file decompress.c in the\n bzip2 and libbzip2 library. A remote attacker can\n exploit this, via a crafted compressed file, to cause\n a denial of service or the execution of arbitrary code.\n (CVE-2010-0405)\n\n - A denial of service vulnerability exists in the audioop\n module due to multiple integer overflows conditions in\n file audioop.c. A remote attacker can exploit this, via\n a large fragment or argument, to cause a buffer\n overflow, resulting in an application crash.\n (CVE-2010-1634)\n\n - A denial of service vulnerability exists in the audioop\n module due to a failure to verify the relationships\n between size arguments and byte string length. A remote\n attacker can exploit this, via crafted arguments, to\n cause memory corruption, resulting in an application\n crash. (CVE-2010-2089)\n\n - A flaw exists in the urllib and urllib2 modules due to\n processing Location headers that specify redirection to\n a file. A remote attacker can exploit this, via a\n crafted URL, to gain sensitive information or cause a\n denial of service. (CVE-2011-1521)\n\n - A privilege escalation vulnerability exists due to an\n incorrect ACL being used for the VMware Tools folder. An\n attacker on an adjacent network with access to a guest\n operating system can exploit this to gain elevated\n privileges on the guest operating system.\n (CVE-2012-1518)\");\n # https://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=2011432\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5e527c97\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/security/advisories/VMSA-2012-0001.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/security/advisories/VMSA-2012-0005.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.vmware.com/security/advisories/VMSA-2012-0007.html\");\n # https://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=2010823\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f1d92f8f\");\n # https://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=2011433\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e044b71b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply patches ESXi500-201203102-SG and ESXi500-201203101-SG according\nto the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'White_Phosphorus');\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esxi:5.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is (C) 2013-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"vmware_vsphere_detect.nbin\");\n script_require_keys(\"Host/VMware/version\", \"Host/VMware/release\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit(\"Host/VMware/version\");\nrel = get_kb_item_or_exit(\"Host/VMware/release\");\n\nif (\"ESXi\" >!< rel) audit(AUDIT_OS_NOT, \"ESXi\");\nif (\"VMware ESXi 5.0\" >!< rel) audit(AUDIT_OS_NOT, \"ESXi 5.0\");\n\nmatch = eregmatch(pattern:'^VMware ESXi.*build-([0-9]+)$', string:rel);\nif (isnull(match)) exit(1, 'Failed to extract the ESXi build number.');\n\nbuild = int(match[1]);\nfixed_build = 608089;\n\nif (build < fixed_build)\n{\n if (report_verbosity > 0)\n {\n report = '\\n ESXi version : ' + ver +\n '\\n Installed build : ' + build +\n '\\n Fixed build : ' + fixed_build +\n '\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n}\nelse exit(0, \"The host has \"+ver+\" build \"+build+\" and thus is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:16:57", "description": "CVE Mitre reports :\n\nUntrusted search path vulnerability in the Python interface in Epiphany 2.22.3, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).", "cvss3": {}, "published": "2009-03-12T00:00:00", "type": "nessus", "title": "FreeBSD : epiphany -- untrusted search path vulnerability (e848a92f-0e7d-11de-92de-000bcdc1757a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5983", "CVE-2008-5985"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:epiphany", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_E848A92F0E7D11DE92DE000BCDC1757A.NASL", "href": "https://www.tenable.com/plugins/nessus/35910", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35910);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-5983\", \"CVE-2008-5985\");\n\n script_name(english:\"FreeBSD : epiphany -- untrusted search path vulnerability (e848a92f-0e7d-11de-92de-000bcdc1757a)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE Mitre reports :\n\nUntrusted search path vulnerability in the Python interface in\nEpiphany 2.22.3, and possibly other versions, allows local users to\nexecute arbitrary code via a Trojan horse Python file in the current\nworking directory, related to a vulnerability in the PySys_SetArgv\nfunction (CVE-2008-5983).\"\n );\n # https://vuxml.freebsd.org/freebsd/e848a92f-0e7d-11de-92de-000bcdc1757a.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d7013806\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:epiphany\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"epiphany<2.24.2.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:09", "description": "Updated python packages fix security vulnerabilities :\n\nA race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user's .pypirc file, which can contain usernames and passwords for code repositories (CVE-2011-4944).\n\nAdditionally, python has been built against the system expat and ffi libraries, to avoid any future issues with those (mitigates CVE-2012-0876 for expat).", "cvss3": {}, "published": "2013-04-20T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : python (MDVSA-2013:117)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-0876"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64python-devel", "p-cpe:/a:mandriva:linux:lib64python2.7", "p-cpe:/a:mandriva:linux:python", "p-cpe:/a:mandriva:linux:python-docs", "p-cpe:/a:mandriva:linux:tkinter", "p-cpe:/a:mandriva:linux:tkinter-apps", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2013-117.NASL", "href": "https://www.tenable.com/plugins/nessus/66129", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:117. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66129);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-4944\");\n script_bugtraq_id(52732);\n script_xref(name:\"MDVSA\", value:\"2013:117\");\n script_xref(name:\"MGASA\", value:\"2012-0170\");\n\n script_name(english:\"Mandriva Linux Security Advisory : python (MDVSA-2013:117)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages fix security vulnerabilities :\n\nA race condition was found in the way the Python distutils module set\nfile permissions during the creation of the .pypirc file. If a local\nuser had access to the home directory of another user who is running\ndistutils, they could use this flaw to gain access to that user's\n.pypirc file, which can contain usernames and passwords for code\nrepositories (CVE-2011-4944).\n\nAdditionally, python has been built against the system expat and ffi\nlibraries, to avoid any future issues with those (mitigates\nCVE-2012-0876 for expat).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wiki.mageia.org/en/Support/Advisories/MGAA-2012-0160\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:python-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tkinter-apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python-devel-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64python2.7-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"python-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"python-docs-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-2.7.3-4.3.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"tkinter-apps-2.7.3-4.3.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:05", "description": "The remote host is affected by the vulnerability described in GLSA-200903-41 (gedit: Untrusted search path)\n\n James Vega reported that gedit uses the current working directory when searching for python modules, a vulnerability related to CVE-2008-5983.\n Impact :\n\n A local attacker could entice a user to open gedit from a specially crafted environment, possibly resulting in the execution of arbitrary code with the privileges of the user running the application.\n Workaround :\n\n Do not run gedit from untrusted working directories.", "cvss3": {}, "published": "2009-03-31T00:00:00", "type": "nessus", "title": "GLSA-200903-41 : gedit: Untrusted search path", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-5983", "CVE-2009-0314"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:gedit", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200903-41.NASL", "href": "https://www.tenable.com/plugins/nessus/36055", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200903-41.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36055);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-5983\", \"CVE-2009-0314\");\n script_xref(name:\"GLSA\", value:\"200903-41\");\n\n script_name(english:\"GLSA-200903-41 : gedit: Untrusted search path\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200903-41\n(gedit: Untrusted search path)\n\n James Vega reported that gedit uses the current working directory when\n searching for python modules, a vulnerability related to CVE-2008-5983.\n \nImpact :\n\n A local attacker could entice a user to open gedit from a specially\n crafted environment, possibly resulting in the execution of arbitrary\n code with the privileges of the user running the application.\n \nWorkaround :\n\n Do not run gedit from untrusted working directories.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200903-41\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All gedit 2.22.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-editors/gedit-2.22.3-r1'\n All gedit 2.24.x users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-editors/gedit-2.24.3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gedit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-editors/gedit\", unaffected:make_list(\"rge 2.22.3-r1\", \"ge 2.24.3\"), vulnerable:make_list(\"lt 2.24.3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gedit\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "openvas": [{"lastseen": "2019-05-29T18:38:46", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1616-1", "cvss3": {}, "published": "2012-10-26T00:00:00", "type": "openvas", "title": "Ubuntu Update for python3.1 USN-1616-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0845", "CVE-2012-2135", "CVE-2010-2089", "CVE-2008-5983", "CVE-2010-1634"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841199", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841199", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1616_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for python3.1 USN-1616-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1616-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841199\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-26 09:50:43 +0530 (Fri, 26 Oct 2012)\");\n script_cve_id(\"CVE-2008-5983\", \"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\", \"CVE-2012-2135\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1616-1\");\n script_name(\"Ubuntu Update for python3.1 USN-1616-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.04 LTS|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1616-1\");\n script_tag(name:\"affected\", value:\"python3.1 on Ubuntu 11.04,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that Python would prepend an empty string to sys.path\n under certain circumstances. A local attacker with write access to the\n current working directory could exploit this to execute arbitrary code.\n This issue only affected Ubuntu 10.04 LTS. (CVE-2008-5983)\n\n It was discovered that the audioop module did not correctly perform input\n validation. If a user or automatated system were tricked into opening a\n crafted audio file, an attacker could cause a denial of service via\n application crash. These issues only affected Ubuntu 10.04 LTS.\n (CVE-2010-1634, CVE-2010-2089)\n\n It was discovered that Python distutils contained a race condition when\n creating the ~/.pypirc file. A local attacker could exploit this to obtain\n sensitive information. (CVE-2011-4944)\n\n It was discovered that SimpleXMLRPCServer did not properly validate its\n input when handling HTTP POST requests. A remote attacker could exploit\n this to cause a denial of service via excessive CPU utilization.\n (CVE-2012-0845)\n\n It was discovered that Python was susceptible to hash algorithm attacks.\n An attacker could cause a denial of service under certain circumstances.\n This update adds the '-R' command line option and honors setting the\n PYTHONHASHSEED environment variable to 'random' to salt str and datetime\n objects with an unpredictable value. (CVE-2012-1150)\n\n Serhiy Storchaka discovered that the UTF16 decoder in Python did not\n properly reset internal variables after error handling. An attacker could\n exploit this to cause a denial of service via memory corruption.\n (CVE-2012-2135)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python3.1\", ver:\"3.1.2-0ubuntu3.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.1-minimal\", ver:\"3.1.2-0ubuntu3.2\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python3.1\", ver:\"3.1.3-1ubuntu1.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.1-minimal\", ver:\"3.1.3-1ubuntu1.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:45", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1615-1", "cvss3": {}, "published": "2012-10-26T00:00:00", "type": "openvas", "title": "Ubuntu Update for python3.2 USN-1615-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0845", "CVE-2012-2135"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841197", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841197", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1615_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for python3.2 USN-1615-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1615-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841197\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-26 09:44:22 +0530 (Fri, 26 Oct 2012)\");\n script_cve_id(\"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\", \"CVE-2012-2135\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name:\"USN\", value:\"1615-1\");\n script_name(\"Ubuntu Update for python3.2 USN-1615-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|11\\.10|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1615-1\");\n script_tag(name:\"affected\", value:\"python3.2 on Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 11.04\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that Python distutils contained a race condition when\n creating the ~/.pypirc file. A local attacker could exploit this to obtain\n sensitive information. (CVE-2011-4944)\n\n It was discovered that SimpleXMLRPCServer did not properly validate its\n input when handling HTTP POST requests. A remote attacker could exploit\n this to cause a denial of service via excessive CPU utilization. This issue\n only affected Ubuntu 11.04 and 11.10. (CVE-2012-0845)\n\n It was discovered that Python was susceptible to hash algorithm attacks.\n An attacker could cause a denial of service under certain circumstances.\n This updates adds the '-R' command line option and honors setting the\n PYTHONHASHSEED environment variable to 'random' to salt str and datetime\n objects with an unpredictable value. This issue only affected Ubuntu 11.04\n and 11.10. (CVE-2012-1150)\n\n Serhiy Storchaka discovered that the UTF16 decoder in Python did not\n properly reset internal variables after error handling. An attacker could\n exploit this to cause a denial of service via memory corruption. This issue\n did not affect Ubuntu 12.10. (CVE-2012-2135)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python3.2\", ver:\"3.2.3-0ubuntu3.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.2-minimal\", ver:\"3.2.3-0ubuntu3.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python3.2\", ver:\"3.2.2-0ubuntu1.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.2-minimal\", ver:\"3.2.2-0ubuntu1.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python3.2\", ver:\"3.2-1ubuntu1.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.2-minimal\", ver:\"3.2-1ubuntu1.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2017-12-04T11:20:43", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1615-1", "cvss3": {}, "published": "2012-10-26T00:00:00", "type": "openvas", "title": "Ubuntu Update for python3.2 USN-1615-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0845", "CVE-2012-2135"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841197", "href": "http://plugins.openvas.org/nasl.php?oid=841197", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1615_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for python3.2 USN-1615-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Python distutils contained a race condition when\n creating the ~/.pypirc file. A local attacker could exploit this to obtain\n sensitive information. (CVE-2011-4944)\n\n It was discovered that SimpleXMLRPCServer did not properly validate its\n input when handling HTTP POST requests. A remote attacker could exploit\n this to cause a denial of service via excessive CPU utilization. This issue\n only affected Ubuntu 11.04 and 11.10. (CVE-2012-0845)\n \n It was discovered that Python was susceptible to hash algorithm attacks.\n An attacker could cause a denial of service under certain circumstances.\n This updates adds the '-R' command line option and honors setting the\n PYTHONHASHSEED environment variable to 'random' to salt str and datetime\n objects with an unpredictable value. This issue only affected Ubuntu 11.04\n and 11.10. (CVE-2012-1150)\n \n Serhiy Storchaka discovered that the UTF16 decoder in Python did not\n properly reset internal variables after error handling. An attacker could\n exploit this to cause a denial of service via memory corruption. This issue\n did not affect Ubuntu 12.10. (CVE-2012-2135)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1615-1\";\ntag_affected = \"python3.2 on Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 11.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1615-1/\");\n script_id(841197);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-26 09:44:22 +0530 (Fri, 26 Oct 2012)\");\n script_cve_id(\"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\", \"CVE-2012-2135\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1615-1\");\n script_name(\"Ubuntu Update for python3.2 USN-1615-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python3.2\", ver:\"3.2.3-0ubuntu3.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.2-minimal\", ver:\"3.2.3-0ubuntu3.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python3.2\", ver:\"3.2.2-0ubuntu1.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.2-minimal\", ver:\"3.2.2-0ubuntu1.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python3.2\", ver:\"3.2-1ubuntu1.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python3.2-minimal\", ver:\"3.2-1ubuntu1.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-20T13:18:25", "description": "Check for the Version of python", "cvss3": {}, "published": "2010-06-18T00:00:00", "type": "openvas", "title": "Fedora Update for python FEDORA-2010-9652", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2089", "CVE-2008-5983", "CVE-2010-1634"], "modified": "2017-12-19T00:00:00", "id": "OPENVAS:862160", "href": "http://plugins.openvas.org/nasl.php?oid=862160", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python FEDORA-2010-9652\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Python is an interpreted, interactive, object-oriented programming\n language often compared to Tcl, Perl, Scheme or Java. Python includes\n modules, classes, exceptions, very high level dynamic data types and\n dynamic typing. Python supports interfaces to many system calls and\n libraries, as well as to various windowing systems (X11, Motif, Tk,\n Mac and MFC).\n\n Programmers can write new built-in modules for Python in C or C++.\n Python can be used as an extension language for applications that need\n a programmable interface. This package contains most of the standard\n Python modules, as well as modules for interfacing to the Tix widget\n set for Tk and RPM.\n \n Note that documentation for Python is provided in the python-docs\n package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"python on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html\");\n script_id(862160);\n script_version(\"$Revision: 8164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-18 17:26:33 +0200 (Fri, 18 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-9652\");\n script_cve_id(\"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2008-5983\");\n script_name(\"Fedora Update for python FEDORA-2010-9652\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of python\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.4~27.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-08T12:54:40", "description": "Check for the Version of python", "cvss3": {}, "published": "2010-07-06T00:00:00", "type": "openvas", "title": "Fedora Update for python FEDORA-2010-9565", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2089", "CVE-2008-5983", "CVE-2010-1634"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:1361412562310862218", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862218", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python FEDORA-2010-9565\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Python is an interpreted, interactive, object-oriented programming\n language often compared to Tcl, Perl, Scheme or Java. Python includes\n modules, classes, exceptions, very high level dynamic data types and\n dynamic typing. Python supports interfaces to many system calls and\n libraries, as well as to various windowing systems (X11, Motif, Tk,\n Mac and MFC).\n\n Programmers can write new built-in modules for Python in C or C++.\n Python can be used as an extension language for applications that need\n a programmable interface. This package contains most of the standard\n Python modules, as well as modules for interfacing to the Tix widget\n set for Tk and RPM.\n \n Note that documentation for Python is provided in the python-docs\n package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"python on Fedora 12\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043726.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862218\");\n script_version(\"$Revision: 8296 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 08:28:01 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-06 10:05:18 +0200 (Tue, 06 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-9565\");\n script_cve_id(\"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2008-5983\");\n script_name(\"Fedora Update for python FEDORA-2010-9565\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of python\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.2~8.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:43", "description": "Check for the Version of python3", "cvss3": {}, "published": "2010-09-07T00:00:00", "type": "openvas", "title": "Fedora Update for python3 FEDORA-2010-13388", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2089", "CVE-2008-5983", "CVE-2010-1634"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:1361412562310862373", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862373", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python3 FEDORA-2010-13388\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"python3 on Fedora 13\";\ntag_insight = \"Python 3 is a new version of the language that is incompatible with the 2.x\n line of releases. The language is mostly the same, but many details, especially\n how built-in objects like dictionaries and strings work, have changed\n considerably, and a lot of deprecated features have finally been removed.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047008.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862373\");\n script_version(\"$Revision: 8246 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 08:29:20 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-07 15:09:12 +0200 (Tue, 07 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-13388\");\n script_cve_id(\"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2008-5983\");\n script_name(\"Fedora Update for python3 FEDORA-2010-13388\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of python3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"python3\", rpm:\"python3~3.1.2~7.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-15T11:58:25", "description": "Check for the Version of python", "cvss3": {}, "published": "2010-07-06T00:00:00", "type": "openvas", "title": "Fedora Update for python FEDORA-2010-9565", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2089", "CVE-2008-5983", "CVE-2010-1634"], "modified": "2017-12-15T00:00:00", "id": "OPENVAS:862218", "href": "http://plugins.openvas.org/nasl.php?oid=862218", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python FEDORA-2010-9565\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Python is an interpreted, interactive, object-oriented programming\n language often compared to Tcl, Perl, Scheme or Java. Python includes\n modules, classes, exceptions, very high level dynamic data types and\n dynamic typing. Python supports interfaces to many system calls and\n libraries, as well as to various windowing systems (X11, Motif, Tk,\n Mac and MFC).\n\n Programmers can write new built-in modules for Python in C or C++.\n Python can be used as an extension language for applications that need\n a programmable interface. This package contains most of the standard\n Python modules, as well as modules for interfacing to the Tix widget\n set for Tk and RPM.\n \n Note that documentation for Python is provided in the python-docs\n package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"python on Fedora 12\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043726.html\");\n script_id(862218);\n script_version(\"$Revision: 8130 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-15 07:31:09 +0100 (Fri, 15 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-06 10:05:18 +0200 (Tue, 06 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-9565\");\n script_cve_id(\"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2008-5983\");\n script_name(\"Fedora Update for python FEDORA-2010-9565\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of python\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.2~8.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-14T11:48:53", "description": "Check for the Version of python3", "cvss3": {}, "published": "2010-09-07T00:00:00", "type": "openvas", "title": "Fedora Update for python3 FEDORA-2010-13388", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2089", "CVE-2008-5983", "CVE-2010-1634"], "modified": "2017-12-13T00:00:00", "id": "OPENVAS:862373", "href": "http://plugins.openvas.org/nasl.php?oid=862373", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python3 FEDORA-2010-13388\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"python3 on Fedora 13\";\ntag_insight = \"Python 3 is a new version of the language that is incompatible with the 2.x\n line of releases. The language is mostly the same, but many details, especially\n how built-in objects like dictionaries and strings work, have changed\n considerably, and a lot of deprecated features have finally been removed.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047008.html\");\n script_id(862373);\n script_version(\"$Revision: 8092 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-13 07:31:16 +0100 (Wed, 13 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-07 15:09:12 +0200 (Tue, 07 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-13388\");\n script_cve_id(\"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2008-5983\");\n script_name(\"Fedora Update for python3 FEDORA-2010-13388\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of python3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"python3\", rpm:\"python3~3.1.2~7.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-17T11:05:45", "description": "Check for the Version of python", "cvss3": {}, "published": "2010-06-18T00:00:00", "type": "openvas", "title": "Fedora Update for python FEDORA-2010-9652", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2089", "CVE-2008-5983", "CVE-2010-1634"], "modified": "2018-01-16T00:00:00", "id": "OPENVAS:1361412562310862160", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862160", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python FEDORA-2010-9652\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Python is an interpreted, interactive, object-oriented programming\n language often compared to Tcl, Perl, Scheme or Java. Python includes\n modules, classes, exceptions, very high level dynamic data types and\n dynamic typing. Python supports interfaces to many system calls and\n libraries, as well as to various windowing systems (X11, Motif, Tk,\n Mac and MFC).\n\n Programmers can write new built-in modules for Python in C or C++.\n Python can be used as an extension language for applications that need\n a programmable interface. This package contains most of the standard\n Python modules, as well as modules for interfacing to the Tix widget\n set for Tk and RPM.\n \n Note that documentation for Python is provided in the python-docs\n package.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"python on Fedora 13\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862160\");\n script_version(\"$Revision: 8438 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-16 18:38:23 +0100 (Tue, 16 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-18 17:26:33 +0200 (Fri, 18 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-9652\");\n script_cve_id(\"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2008-5983\");\n script_name(\"Fedora Update for python FEDORA-2010-9652\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of python\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.4~27.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:19:44", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1596-1", "cvss3": {}, "published": "2012-10-05T00:00:00", "type": "openvas", "title": "Ubuntu Update for python2.6 USN-1596-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3493", "CVE-2011-1521", "CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0845", "CVE-2010-2089", "CVE-2011-4940", "CVE-2011-1015", "CVE-2008-5983", "CVE-2010-1634"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841178", "href": "http://plugins.openvas.org/nasl.php?oid=841178", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1596_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for python2.6 USN-1596-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Python would prepend an empty string to sys.path\n under certain circumstances. A local attacker with write access to the\n current working directory could exploit this to execute arbitrary code.\n (CVE-2008-5983)\n\n It was discovered that the audioop module did not correctly perform input\n validation. If a user or automatated system were tricked into opening a\n crafted audio file, an attacker could cause a denial of service via\n application crash. (CVE-2010-1634, CVE-2010-2089)\n \n Giampaolo Rodola discovered several race conditions in the smtpd module.\n A remote attacker could exploit this to cause a denial of service via\n daemon outage. (CVE-2010-3493)\n \n It was discovered that the CGIHTTPServer module did properly perform\n input validation on certain HTTP GET requests. A remote attacker could\n potentially obtain access to CGI script source files. (CVE-2011-1015)\n \n Niels Heinen discovered that the urllib and urllib2 modules would process\n Location headers that specify a redirection to file: URLs. A remote\n attacker could exploit this to obtain sensitive information or cause a\n denial of service. This issue only affected Ubuntu 11.04. (CVE-2011-1521)\n \n It was discovered that SimpleHTTPServer did not use a charset parameter in\n the Content-Type HTTP header. An attacker could potentially exploit this\n to conduct cross-site scripting (XSS) attacks against Internet Explorer 7\n users. This issue only affected Ubuntu 11.04. (CVE-2011-4940)\n \n It was discovered that Python distutils contained a race condition when\n creating the ~/.pypirc file. A local attacker could exploit this to obtain\n sensitive information. (CVE-2011-4944)\n \n It was discovered that SimpleXMLRPCServer did not properly validate its\n input when handling HTTP POST requests. A remote attacker could exploit\n this to cause a denial of service via excessive CPU utilization.\n (CVE-2012-0845)\n \n It was discovered that Python was susceptible to hash algorithm attacks.\n An attacker could cause a denial of service under certain circumstances.\n This updates adds the '-R' command line option and honors setting the\n PYTHONHASHSEED environment variable to 'random' to salt str and datetime\n objects with an unpredictable value. (CVE-2012-1150)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1596-1\";\ntag_affected = \"python2.6 on Ubuntu 11.10 ,\n Ubuntu 11.04 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1596-1/\");\n script_id(841178);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-05 09:45:35 +0530 (Fri, 05 Oct 2012)\");\n script_cve_id(\"CVE-2008-5983\", \"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3493\",\n \"CVE-2011-1015\", \"CVE-2011-1521\", \"CVE-2011-4940\", \"CVE-2011-4944\",\n \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1596-1\");\n script_name(\"Ubuntu Update for python2.6 USN-1596-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.6\", ver:\"2.6.5-1ubuntu6.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.6-minimal\", ver:\"2.6.5-1ubuntu6.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.6\", ver:\"2.6.7-4ubuntu1.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.6-minimal\", ver:\"2.6.7-4ubuntu1.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.6\", ver:\"2.6.6-6ubuntu7.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.6-minimal\", ver:\"2.6.6-6ubuntu7.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:15", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1596-1", "cvss3": {}, "published": "2012-10-05T00:00:00", "type": "openvas", "title": "Ubuntu Update for python2.6 USN-1596-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3493", "CVE-2011-1521", "CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0845", "CVE-2010-2089", "CVE-2011-4940", "CVE-2011-1015", "CVE-2008-5983", "CVE-2010-1634"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841178", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841178", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1596_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for python2.6 USN-1596-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1596-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841178\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-05 09:45:35 +0530 (Fri, 05 Oct 2012)\");\n script_cve_id(\"CVE-2008-5983\", \"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3493\",\n \"CVE-2011-1015\", \"CVE-2011-1521\", \"CVE-2011-4940\", \"CVE-2011-4944\",\n \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1596-1\");\n script_name(\"Ubuntu Update for python2.6 USN-1596-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.04 LTS|11\\.10|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1596-1\");\n script_tag(name:\"affected\", value:\"python2.6 on Ubuntu 11.10,\n Ubuntu 11.04,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that Python would prepend an empty string to sys.path\n under certain circumstances. A local attacker with write access to the\n current working directory could exploit this to execute arbitrary code.\n (CVE-2008-5983)\n\n It was discovered that the audioop module did not correctly perform input\n validation. If a user or automatated system were tricked into opening a\n crafted audio file, an attacker could cause a denial of service via\n application crash. (CVE-2010-1634, CVE-2010-2089)\n\n Giampaolo Rodola discovered several race conditions in the smtpd module.\n A remote attacker could exploit this to cause a denial of service via\n daemon outage. (CVE-2010-3493)\n\n It was discovered that the CGIHTTPServer module did properly perform\n input validation on certain HTTP GET requests. A remote attacker could\n potentially obtain access to CGI script source files. (CVE-2011-1015)\n\n Niels Heinen discovered that the urllib and urllib2 modules would process\n Location headers that specify a redirection to file: URLs. A remote\n attacker could exploit this to obtain sensitive information or cause a\n denial of service. This issue only affected Ubuntu 11.04. (CVE-2011-1521)\n\n It was discovered that SimpleHTTPServer did not use a charset parameter in\n the Content-Type HTTP header. An attacker could potentially exploit this\n to conduct cross-site scripting (XSS) attacks against Internet Explorer 7\n users. This issue only affected Ubuntu 11.04. (CVE-2011-4940)\n\n It was discovered that Python distutils contained a race condition when\n creating the ~/.pypirc file. A local attacker could exploit this to obtain\n sensitive information. (CVE-2011-4944)\n\n It was discovered that SimpleXMLRPCServer did not properly validate its\n input when handling HTTP POST requests. A remote attacker could exploit\n this to cause a denial of service via excessive CPU utilization.\n (CVE-2012-0845)\n\n It was discovered that Python was susceptible to hash algorithm attacks.\n An attacker could cause a denial of service under certain circumstances.\n This updates adds the '-R' command line option and honors setting the\n PYTHONHASHSEED environment variable to 'random' to salt str and datetime\n objects with an unpredictable value. (CVE-2012-1150)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.6\", ver:\"2.6.5-1ubuntu6.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.6-minimal\", ver:\"2.6.5-1ubuntu6.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.6\", ver:\"2.6.7-4ubuntu1.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.6-minimal\", ver:\"2.6.7-4ubuntu1.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.6\", ver:\"2.6.6-6ubuntu7.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.6-minimal\", ver:\"2.6.6-6ubuntu7.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:59", "description": "Oracle Linux Local Security Checks ELSA-2012-0744", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0744", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0845", "CVE-2011-4940"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123901", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123901", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0744.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123901\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:10:03 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0744\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0744 - python security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0744\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0744.html\");\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.6~29.el6_2.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.6.6~29.el6_2.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-libs\", rpm:\"python-libs~2.6.6~29.el6_2.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-test\", rpm:\"python-test~2.6.6~29.el6_2.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-tools\", rpm:\"python-tools~2.6.6~29.el6_2.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.6.6~29.el6_2.2\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-17T23:03:30", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-98)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0845", "CVE-2011-4940"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120305", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120305", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120305\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:23:12 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-98)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in Python. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update python26 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-98.html\");\n script_cve_id(\"CVE-2011-4944\", \"CVE-2012-1150\", \"CVE-2012-0845\", \"CVE-2011-4940\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"python26\", rpm:\"python26~2.6.8~2.28.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python26-test\", rpm:\"python26-test~2.6.8~2.28.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python26-debuginfo\", rpm:\"python26-debuginfo~2.6.8~2.28.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python26-libs\", rpm:\"python26-libs~2.6.8~2.28.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python26-devel\", rpm:\"python26-devel~2.6.8~2.28.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python26-tools\", rpm:\"python26-tools~2.6.8~2.28.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-06-19T00:00:00", "type": "openvas", "title": "RedHat Update for python RHSA-2012:0744-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0845", "CVE-2011-4940"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310870756", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870756", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for python RHSA-2012:0744-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-June/msg00014.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870756\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-19 09:40:50 +0530 (Tue, 19 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_xref(name:\"RHSA\", value:\"2012:0744-01\");\n script_name(\"RedHat Update for python RHSA-2012:0744-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"python on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Python is an interpreted, interactive, object-oriented programming\n language.\n\n A denial of service flaw was found in the implementation of associative\n arrays (dictionaries) in Python. An attacker able to supply a large number\n of inputs to a Python application (such as HTTP POST request parameters\n sent to a web application) that are used as keys when inserting data into\n an array could trigger multiple hash function collisions, making array\n operations take an excessive amount of CPU time. To mitigate this issue,\n randomization has been added to the hash function to reduce the chance of\n an attacker successfully causing intentional collisions. (CVE-2012-1150)\n\n Note: The hash randomization is not enabled by default as it may break\n applications that incorrectly depend on dictionary ordering. To enable the\n protection, the new 'PYTHONHASHSEED' environment variable or the Python\n interpreter's '-R' command line option can be used. Refer to the python(1)\n manual page for details.\n\n The RHSA-2012:0731 expat erratum must be installed with this update, which\n adds hash randomization to the Expat library used by the Python pyexpat\n module.\n\n A flaw was found in the way the Python SimpleXMLRPCServer module handled\n clients disconnecting prematurely. A remote attacker could use this flaw to\n cause excessive CPU consumption on a server using SimpleXMLRPCServer.\n (CVE-2012-0845)\n\n A flaw was found in the way the Python SimpleHTTPServer module generated\n directory listings. An attacker able to upload a file with a\n specially-crafted name to a server could possibly perform a cross-site\n scripting (XSS) attack against victims visiting a listing page generated by\n SimpleHTTPServer, for a directory containing the crafted file (if the\n victims were using certain web browsers). (CVE-2011-4940)\n\n A race condition was found in the way the Python distutils module set file\n permissions during the creation of the .pypirc file. If a local user had\n access to the home directory of another user who is running distutils, they\n could use this flaw to gain access to that user's .pypirc file, which can\n contain usernames and passwords for code repositories. (CVE-2011-4944)\n\n Red Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT\n acknowledges Julian Waelde and Alexander Klink as the original reporters of\n CVE-2012-1150.\n\n All Python users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.6~29.el6_2.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-debuginfo\", rpm:\"python-debuginfo~2.6.6~29.el6_2.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.6.6~29.el6_2.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-libs\", rpm:\"python-libs~2.6.6~29.el6_2.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.6.6~29.el6_2.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:39:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for python CESA-2012:0744 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0845", "CVE-2011-4940"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881085", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881085", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for python CESA-2012:0744 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\n\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-June/018693.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881085\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:03:55 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2012:0744\");\n script_name(\"CentOS Update for python CESA-2012:0744 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"python on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Python is an interpreted, interactive, object-oriented programming\n language.\n\n A denial of service flaw was found in the implementation of associative\n arrays (dictionaries) in Python. An attacker able to supply a large number\n of inputs to a Python application (such as HTTP POST request parameters\n sent to a web application) that are used as keys when inserting data into\n an array could trigger multiple hash function collisions, making array\n operations take an excessive amount of CPU time. To mitigate this issue,\n randomization has been added to the hash function to reduce the chance of\n an attacker successfully causing intentional collisions. (CVE-2012-1150)\n\n Note: The hash randomization is not enabled by default as it may break\n applications that incorrectly depend on dictionary ordering. To enable the\n protection, the new 'PYTHONHASHSEED' environment variable or the Python\n interpreter's '-R' command line option can be used. Refer to the python(1)\n manual page for details.\n\n The RHSA-2012:0731 expat erratum must be installed with this update, which\n adds hash randomization to the Expat library used by the Python pyexpat\n module.\n\n A flaw was found in the way the Python SimpleXMLRPCServer module handled\n clients disconnecting prematurely. A remote attacker could use this flaw to\n cause excessive CPU consumption on a server using SimpleXMLRPCServer.\n (CVE-2012-0845)\n\n A flaw was found in the way the Python SimpleHTTPServer module generated\n directory listings. An attacker able to upload a file with a\n specially-crafted name to a server could possibly perform a cross-site\n scripting (XSS) attack against victims visiting a listing page generated by\n SimpleHTTPServer, for a directory containing the crafted file (if the\n victims were using certain web browsers). (CVE-2011-4940)\n\n A race condition was found in the way the Python distutils module set file\n permissions during the creation of the .pypirc file. If a local user had\n access to the home directory of another user who is running distutils, they\n could use this flaw to gain access to that user's .pypirc file, which can\n contain usernames and passwords for code repositories. (CVE-2011-4944)\n\n Red Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters of\n CVE-2012-1150.\n\n All Python users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.6~29.el6_2.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.6.6~29.el6_2.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-libs\", rpm:\"python-libs~2.6.6~29.el6_2.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-test\", rpm:\"python-test~2.6.6~29.el6_2.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-tools\", rpm:\"python-tools~2.6.6~29.el6_2.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.6.6~29.el6_2.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-02T10:57:57", "description": "Check for the Version of python", "cvss3": {}, "published": "2012-06-19T00:00:00", "type": "openvas", "title": "RedHat Update for python RHSA-2012:0744-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0845", "CVE-2011-4940"], "modified": "2018-01-01T00:00:00", "id": "OPENVAS:870756", "href": "http://plugins.openvas.org/nasl.php?oid=870756", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for python RHSA-2012:0744-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Python is an interpreted, interactive, object-oriented programming\n language.\n\n A denial of service flaw was found in the implementation of associative\n arrays (dictionaries) in Python. An attacker able to supply a large number\n of inputs to a Python application (such as HTTP POST request parameters\n sent to a web application) that are used as keys when inserting data into\n an array could trigger multiple hash function collisions, making array\n operations take an excessive amount of CPU time. To mitigate this issue,\n randomization has been added to the hash function to reduce the chance of\n an attacker successfully causing intentional collisions. (CVE-2012-1150)\n\n Note: The hash randomization is not enabled by default as it may break\n applications that incorrectly depend on dictionary ordering. To enable the\n protection, the new "PYTHONHASHSEED" environment variable or the Python\n interpreter's "-R" command line option can be used. Refer to the python(1)\n manual page for details.\n\n The RHSA-2012:0731 expat erratum must be installed with this update, which\n adds hash randomization to the Expat library used by the Python pyexpat\n module.\n\n A flaw was found in the way the Python SimpleXMLRPCServer module handled\n clients disconnecting prematurely. A remote attacker could use this flaw to\n cause excessive CPU consumption on a server using SimpleXMLRPCServer.\n (CVE-2012-0845)\n\n A flaw was found in the way the Python SimpleHTTPServer module generated\n directory listings. An attacker able to upload a file with a\n specially-crafted name to a server could possibly perform a cross-site\n scripting (XSS) attack against victims visiting a listing page generated by\n SimpleHTTPServer, for a directory containing the crafted file (if the\n victims were using certain web browsers). (CVE-2011-4940)\n\n A race condition was found in the way the Python distutils module set file\n permissions during the creation of the .pypirc file. If a local user had\n access to the home directory of another user who is running distutils, they\n could use this flaw to gain access to that user's .pypirc file, which can\n contain usernames and passwords for code repositories. (CVE-2011-4944)\n\n Red Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters of\n CVE-2012-1150.\n\n All Python users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\";\n\ntag_affected = \"python on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-June/msg00014.html\");\n script_id(870756);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-19 09:40:50 +0530 (Tue, 19 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_xref(name: \"RHSA\", value: \"2012:0744-01\");\n script_name(\"RedHat Update for python RHSA-2012:0744-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of python\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.6~29.el6_2.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-debuginfo\", rpm:\"python-debuginfo~2.6.6~29.el6_2.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.6.6~29.el6_2.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-libs\", rpm:\"python-libs~2.6.6~29.el6_2.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.6.6~29.el6_2.2\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:57:57", "description": "Check for the Version of python", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for python CESA-2012:0744 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0845", "CVE-2011-4940"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:881085", "href": "http://plugins.openvas.org/nasl.php?oid=881085", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for python CESA-2012:0744 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_insight = \"Python is an interpreted, interactive, object-oriented programming\n language.\n\n A denial of service flaw was found in the implementation of associative\n arrays (dictionaries) in Python. An attacker able to supply a large number\n of inputs to a Python application (such as HTTP POST request parameters\n sent to a web application) that are used as keys when inserting data into\n an array could trigger multiple hash function collisions, making array\n operations take an excessive amount of CPU time. To mitigate this issue,\n randomization has been added to the hash function to reduce the chance of\n an attacker successfully causing intentional collisions. (CVE-2012-1150)\n \n Note: The hash randomization is not enabled by default as it may break\n applications that incorrectly depend on dictionary ordering. To enable the\n protection, the new "PYTHONHASHSEED" environment variable or the Python\n interpreter's "-R" command line option can be used. Refer to the python(1)\n manual page for details.\n \n The RHSA-2012:0731 expat erratum must be installed with this update, which\n adds hash randomization to the Expat library used by the Python pyexpat\n module.\n \n A flaw was found in the way the Python SimpleXMLRPCServer module handled\n clients disconnecting prematurely. A remote attacker could use this flaw to\n cause excessive CPU consumption on a server using SimpleXMLRPCServer.\n (CVE-2012-0845)\n \n A flaw was found in the way the Python SimpleHTTPServer module generated\n directory listings. An attacker able to upload a file with a\n specially-crafted name to a server could possibly perform a cross-site\n scripting (XSS) attack against victims visiting a listing page generated by\n SimpleHTTPServer, for a directory containing the crafted file (if the\n victims were using certain web browsers). (CVE-2011-4940)\n \n A race condition was found in the way the Python distutils module set file\n permissions during the creation of the .pypirc file. If a local user had\n access to the home directory of another user who is running distutils, they\n could use this flaw to gain access to that user's .pypirc file, which can\n contain usernames and passwords for code repositories. (CVE-2011-4944)\n \n Red Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters of\n CVE-2012-1150.\n \n All Python users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\";\n\ntag_affected = \"python on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-June/018693.html\");\n script_id(881085);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:03:55 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0744\");\n script_name(\"CentOS Update for python CESA-2012:0744 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of python\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.6~29.el6_2.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.6.6~29.el6_2.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-libs\", rpm:\"python-libs~2.6.6~29.el6_2.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-test\", rpm:\"python-test~2.6.6~29.el6_2.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-tools\", rpm:\"python-tools~2.6.6~29.el6_2.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.6.6~29.el6_2.2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-21T11:32:25", "description": "Check for the Version of plymouth", "cvss3": {}, "published": "2010-04-30T00:00:00", "type": "openvas", "title": "Mandriva Update for plymouth MDVA-2010:132 (plymouth)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2089", "CVE-2010-1634"], "modified": "2017-12-20T00:00:00", "id": "OPENVAS:831023", "href": "http://plugins.openvas.org/nasl.php?oid=831023", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for plymouth MDVA-2010:132 (plymouth)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"plymouth on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\ntag_insight = \"Plymouth verbose mode at shutdown was not displaying logs\n properly. This update fixes this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-04/msg00044.php\");\n script_id(831023);\n script_version(\"$Revision: 8186 $\");\n script_cve_id(\"CVE-2010-1634\", \"CVE-2010-2089\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 07:30:34 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-30 14:39:22 +0200 (Fri, 30 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVA\", value: \"2010:132\");\n script_name(\"Mandriva Update for plymouth MDVA-2010:132 (plymouth)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of plymouth\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libplymouth0\", rpm:\"libplymouth0~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libplymouth-devel\", rpm:\"libplymouth-devel~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth\", rpm:\"plymouth~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-plugin-fade-throbber\", rpm:\"plymouth-plugin-fade-throbber~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-plugin-label\", rpm:\"plymouth-plugin-label~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-plugin-script\", rpm:\"plymouth-plugin-script~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-plugin-space-flares\", rpm:\"plymouth-plugin-space-flares~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-plugin-throbgress\", rpm:\"plymouth-plugin-throbgress~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-plugin-two-step\", rpm:\"plymouth-plugin-two-step~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-scripts\", rpm:\"plymouth-scripts~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-system-theme\", rpm:\"plymouth-system-theme~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-theme-charge\", rpm:\"plymouth-theme-charge~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-theme-fade-in\", rpm:\"plymouth-theme-fade-in~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-theme-glow\", rpm:\"plymouth-theme-glow~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-theme-script\", rpm:\"plymouth-theme-script~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-theme-solar\", rpm:\"plymouth-theme-solar~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-theme-spinfinity\", rpm:\"plymouth-theme-spinfinity~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-utils\", rpm:\"plymouth-utils~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64plymouth0\", rpm:\"lib64plymouth0~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64plymouth-devel\", rpm:\"lib64plymouth-devel~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-18T11:04:34", "description": "Check for the Version of plymouth", "cvss3": {}, "published": "2010-04-30T00:00:00", "type": "openvas", "title": "Mandriva Update for plymouth MDVA-2010:132 (plymouth)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2089", "CVE-2010-1634"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:1361412562310831023", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831023", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for plymouth MDVA-2010:132 (plymouth)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"plymouth on Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64\";\ntag_insight = \"Plymouth verbose mode at shutdown was not displaying logs\n properly. This update fixes this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-04/msg00044.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831023\");\n script_version(\"$Revision: 8440 $\");\n script_cve_id(\"CVE-2010-1634\", \"CVE-2010-2089\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 08:58:46 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-30 14:39:22 +0200 (Fri, 30 Apr 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVA\", value: \"2010:132\");\n script_name(\"Mandriva Update for plymouth MDVA-2010:132 (plymouth)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of plymouth\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libplymouth0\", rpm:\"libplymouth0~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libplymouth-devel\", rpm:\"libplymouth-devel~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth\", rpm:\"plymouth~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-plugin-fade-throbber\", rpm:\"plymouth-plugin-fade-throbber~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-plugin-label\", rpm:\"plymouth-plugin-label~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-plugin-script\", rpm:\"plymouth-plugin-script~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-plugin-space-flares\", rpm:\"plymouth-plugin-space-flares~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-plugin-throbgress\", rpm:\"plymouth-plugin-throbgress~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-plugin-two-step\", rpm:\"plymouth-plugin-two-step~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-scripts\", rpm:\"plymouth-scripts~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-system-theme\", rpm:\"plymouth-system-theme~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-theme-charge\", rpm:\"plymouth-theme-charge~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-theme-fade-in\", rpm:\"plymouth-theme-fade-in~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-theme-glow\", rpm:\"plymouth-theme-glow~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-theme-script\", rpm:\"plymouth-theme-script~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-theme-solar\", rpm:\"plymouth-theme-solar~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-theme-spinfinity\", rpm:\"plymouth-theme-spinfinity~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"plymouth-utils\", rpm:\"plymouth-utils~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64plymouth0\", rpm:\"lib64plymouth0~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64plymouth-devel\", rpm:\"lib64plymouth-devel~0.7.2~8.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:20:59", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1592-1", "cvss3": {}, "published": "2012-10-03T00:00:00", "type": "openvas", "title": "Ubuntu Update for python2.7 USN-1592-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1521", "CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0845", "CVE-2011-4940"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841173", "href": "http://plugins.openvas.org/nasl.php?oid=841173", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1592_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for python2.7 USN-1592-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Niels Heinen discovered that the urllib and urllib2 modules would\n process Location headers that specify a redirection to file: URLs. A\n remote attacker could exploit this to obtain sensitive information or\n cause a denial of service. This issue only affected Ubuntu 11.04.\n (CVE-2011-1521)\n\n It was discovered that SimpleHTTPServer did not use a charset parameter\n in the Content-Type HTTP header. An attacker could potentially exploit\n this to conduct cross-site scripting (XSS) attacks against Internet\n Explorer 7 users. This issue only affected Ubuntu 11.04. (CVE-2011-4940)\n \n It was discovered that Python distutils contained a race condition when\n creating the ~/.pypirc file. A local attacker could exploit this to\n obtain sensitive information. (CVE-2011-4944)\n \n It was discovered that SimpleXMLRPCServer did not properly validate its\n input when handling HTTP POST requests. A remote attacker could exploit\n this to cause a denial of service via excessive CPU utilization.\n (CVE-2012-0845)\n \n It was discovered that Python was susceptible to hash algorithm attacks.\n An attacker could cause a denial of service under certain circumstances.\n This updates adds the '-R' command line option and honors setting the\n PYTHONHASHSEED environment variable to 'random' to salt str and datetime\n objects with an unpredictable value. (CVE-2012-1150)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1592-1\";\ntag_affected = \"python2.7 on Ubuntu 11.10 ,\n Ubuntu 11.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1592-1/\");\n script_id(841173);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-03 09:24:32 +0530 (Wed, 03 Oct 2012)\");\n script_cve_id(\"CVE-2011-1521\", \"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1592-1\");\n script_name(\"Ubuntu Update for python2.7 USN-1592-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.7\", ver:\"2.7.2-5ubuntu1.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.7-minimal\", ver:\"2.7.2-5ubuntu1.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.7\", ver:\"2.7.1-5ubuntu2.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.7-minimal\", ver:\"2.7.1-5ubuntu2.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:33", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1592-1", "cvss3": {}, "published": "2012-10-03T00:00:00", "type": "openvas", "title": "Ubuntu Update for python2.7 USN-1592-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1521", "CVE-2011-4944", "CVE-2012-1150", "CVE-2012-0845", "CVE-2011-4940"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841173", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841173", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1592_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for python2.7 USN-1592-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1592-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841173\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-03 09:24:32 +0530 (Wed, 03 Oct 2012)\");\n script_cve_id(\"CVE-2011-1521\", \"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-0845\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_xref(name:\"USN\", value:\"1592-1\");\n script_name(\"Ubuntu Update for python2.7 USN-1592-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(11\\.10|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1592-1\");\n script_tag(name:\"affected\", value:\"python2.7 on Ubuntu 11.10,\n Ubuntu 11.04\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Niels Heinen discovered that the urllib and urllib2 modules would\n process Location headers that specify a redirection to file: URLs. A\n remote attacker could exploit this to obtain sensitive information or\n cause a denial of service. This issue only affected Ubuntu 11.04.\n (CVE-2011-1521)\n\n It was discovered that SimpleHTTPServer did not use a charset parameter\n in the Content-Type HTTP header. An attacker could potentially exploit\n this to conduct cross-site scripting (XSS) attacks against Internet\n Explorer 7 users. This issue only affected Ubuntu 11.04. (CVE-2011-4940)\n\n It was discovered that Python distutils contained a race condition when\n creating the ~/.pypirc file. A local attacker could exploit this to\n obtain sensitive information. (CVE-2011-4944)\n\n It was discovered that SimpleXMLRPCServer did not properly validate its\n input when handling HTTP POST requests. A remote attacker could exploit\n this to cause a denial of service via excessive CPU utilization.\n (CVE-2012-0845)\n\n It was discovered that Python was susceptible to hash algorithm attacks.\n An attacker could cause a denial of service under certain circumstances.\n This updates adds the '-R' command line option and honors setting the\n PYTHONHASHSEED environment variable to 'random' to salt str and datetime\n objects with an unpredictable value. (CVE-2012-1150)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.7\", ver:\"2.7.2-5ubuntu1.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.7-minimal\", ver:\"2.7.2-5ubuntu1.1\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.7\", ver:\"2.7.1-5ubuntu2.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.7-minimal\", ver:\"2.7.1-5ubuntu2.2\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2018-01-02T10:58:06", "description": "Check for the Version of python", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Mandriva Update for python MDVSA-2012:097 (python)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2011-3389", "CVE-2012-0876", "CVE-2012-0845"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:831685", "href": "http://plugins.openvas.org/nasl.php?oid=831685", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for python MDVSA-2012:097 (python)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been discovered and corrected in python:\n\n The _ssl module would always disable the CBC IV attack countermeasure\n (CVE-2011-3389).\n\n A race condition was found in the way the Python distutils module\n set file permissions during the creation of the .pypirc file. If a\n local user had access to the home directory of another user who is\n running distutils, they could use this flaw to gain access to that\n user's .pypirc file, which can contain usernames and passwords for\n code repositories (CVE-2011-4944).\n\n A flaw was found in the way the Python SimpleXMLRPCServer module\n handled clients disconnecting prematurely. A remote attacker could\n use this flaw to cause excessive CPU consumption on a server using\n SimpleXMLRPCServer (CVE-2012-0845).\n\n Hash table collisions CPU usage DoS for the embedded copy of expat\n (CVE-2012-0876).\n\n A denial of service flaw was found in the implementation of associative\n arrays (dictionaries) in Python. An attacker able to supply a large\n number of inputs to a Python application (such as HTTP POST request\n parameters sent to a web application) that are used as keys when\n inserting data into an array could trigger multiple hash function\n collisions, making array operations take an excessive amount of\n CPU time. To mitigate this issue, randomization has been added to\n the hash function to reduce the chance of an attacker successfully\n causing intentional collisions (CVE-2012-1150).\n\n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"python on Mandriva Linux 2011.0\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:097\");\n script_id(831685);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:32:48 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2011-3389\", \"CVE-2011-4944\", \"CVE-2012-0845\",\n \"CVE-2012-0876\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2012:097\");\n script_name(\"Mandriva Update for python MDVSA-2012:097 (python)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of python\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpython2.7\", rpm:\"libpython2.7~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython-devel\", rpm:\"libpython-devel~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.7\", rpm:\"lib64python2.7~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python-devel\", rpm:\"lib64python-devel~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:42", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1613-1", "cvss3": {}, "published": "2012-10-19T00:00:00", "type": "openvas", "title": "Ubuntu Update for python2.5 USN-1613-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3493", "CVE-2012-1148", "CVE-2011-1521", "CVE-2011-4944", "CVE-2012-0876", "CVE-2012-0845", "CVE-2010-2089", "CVE-2011-4940", "CVE-2011-1015", "CVE-2008-5983", "CVE-2010-1634"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841195", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841195", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1613_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for python2.5 USN-1613-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1613-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841195\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-19 09:53:57 +0530 (Fri, 19 Oct 2012)\");\n script_cve_id(\"CVE-2008-5983\", \"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3493\",\n \"CVE-2011-1015\", \"CVE-2011-1521\", \"CVE-2011-4940\", \"CVE-2011-4944\",\n \"CVE-2012-0845\", \"CVE-2012-0876\", \"CVE-2012-1148\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1613-1\");\n script_name(\"Ubuntu Update for python2.5 USN-1613-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU8\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1613-1\");\n script_tag(name:\"affected\", value:\"python2.5 on Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that Python would prepend an empty string to sys.path\n under certain circumstances. A local attacker with write access to the\n current working directory could exploit this to execute arbitrary code.\n (CVE-2008-5983)\n\n It was discovered that the audioop module did not correctly perform input\n validation. If a user or automatated system were tricked into opening a\n crafted audio file, an attacker could cause a denial of service via\n application crash. (CVE-2010-1634, CVE-2010-2089)\n\n Giampaolo Rodola discovered several race conditions in the smtpd module.\n A remote attacker could exploit this to cause a denial of service via\n daemon outage. (CVE-2010-3493)\n\n It was discovered that the CGIHTTPServer module did not properly perform\n input validation on certain HTTP GET requests. A remote attacker could\n potentially obtain access to CGI script source files. (CVE-2011-1015)\n\n Niels Heinen discovered that the urllib and urllib2 modules would process\n Location headers that specify a redirection to file: URLs. A remote\n attacker could exploit this to obtain sensitive information or cause a\n denial of service. (CVE-2011-1521)\n\n It was discovered that SimpleHTTPServer did not use a charset parameter in\n the Content-Type HTTP header. An attacker could potentially exploit this\n to conduct cross-site scripting (XSS) attacks against Internet Explorer 7\n users. (CVE-2011-4940)\n\n It was discovered that Python distutils contained a race condition when\n creating the ~/.pypirc file. A local attacker could exploit this to obtain\n sensitive information. (CVE-2011-4944)\n\n It was discovered that SimpleXMLRPCServer did not properly validate its\n input when handling HTTP POST requests. A remote attacker could exploit\n this to cause a denial of service via excessive CPU utilization.\n (CVE-2012-0845)\n\n It was discovered that the Expat module in Python 2.5 computed hash values\n without restricting the ability to trigger hash collisions predictably. If\n a user or application using pyexpat were tricked into opening a crafted XML\n file, an attacker could cause a denial of service by consuming excessive\n CPU resources. (CVE-2012-0876)\n\n Tim Boddy discovered that the Expat module in Python 2.5 did not properly\n handle memory reallocation when processing XML files. If a user or\n application using pyexpat were tricked into opening a crafted XML file, an\n attacker could cause a denial of service by consuming excessive memory\n resources. (CVE-2012-1148)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.5\", ver:\"2.5.2-2ubuntu6.2\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.5-minimal\", ver:\"2.5.2-2ubuntu6.2\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Mandriva Update for python MDVSA-2012:097 (python)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2011-3389", "CVE-2012-0876", "CVE-2012-0845"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310831685", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831685", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for python MDVSA-2012:097 (python)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:097\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831685\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:32:48 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2011-3389\", \"CVE-2011-4944\", \"CVE-2012-0845\",\n \"CVE-2012-0876\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"MDVSA\", value:\"2012:097\");\n script_name(\"Mandriva Update for python MDVSA-2012:097 (python)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_2011\\.0\");\n script_tag(name:\"affected\", value:\"python on Mandriva Linux 2011.0\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been discovered and corrected in python:\n\n The _ssl module would always disable the CBC IV attack countermeasure\n (CVE-2011-3389).\n\n A race condition was found in the way the Python distutils module\n set file permissions during the creation of the .pypirc file. If a\n local user had access to the home directory of another user who is\n running distutils, they could use this flaw to gain access to that\n user's .pypirc file, which can contain usernames and passwords for\n code repositories (CVE-2011-4944).\n\n A flaw was found in the way the Python SimpleXMLRPCServer module\n handled clients disconnecting prematurely. A remote attacker could\n use this flaw to cause excessive CPU consumption on a server using\n SimpleXMLRPCServer (CVE-2012-0845).\n\n Hash table collisions CPU usage DoS for the embedded copy of expat\n (CVE-2012-0876).\n\n A denial of service flaw was found in the implementation of associative\n arrays (dictionaries) in Python. An attacker able to supply a large\n number of inputs to a Python application (such as HTTP POST request\n parameters sent to a web application) that are used as keys when\n inserting data into an array could trigger multiple hash function\n collisions, making array operations take an excessive amount of\n CPU time. To mitigate this issue, randomization has been added to\n the hash function to reduce the chance of an attacker successfully\n causing intentional collisions (CVE-2012-1150).\n\n The updated packages have been patched to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpython2.7\", rpm:\"libpython2.7~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython-devel\", rpm:\"libpython-devel~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.7\", rpm:\"lib64python2.7~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python-devel\", rpm:\"lib64python-devel~2.7.2~2.2\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-12-04T11:20:12", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1613-1", "cvss3": {}, "published": "2012-10-19T00:00:00", "type": "openvas", "title": "Ubuntu Update for python2.5 USN-1613-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3493", "CVE-2012-1148", "CVE-2011-1521", "CVE-2011-4944", "CVE-2012-0876", "CVE-2012-0845", "CVE-2010-2089", "CVE-2011-4940", "CVE-2011-1015", "CVE-2008-5983", "CVE-2010-1634"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841195", "href": "http://plugins.openvas.org/nasl.php?oid=841195", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1613_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for python2.5 USN-1613-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that Python would prepend an empty string to sys.path\n under certain circumstances. A local attacker with write access to the\n current working directory could exploit this to execute arbitrary code.\n (CVE-2008-5983)\n\n It was discovered that the audioop module did not correctly perform input\n validation. If a user or automatated system were tricked into opening a\n crafted audio file, an attacker could cause a denial of service via\n application crash. (CVE-2010-1634, CVE-2010-2089)\n \n Giampaolo Rodola discovered several race conditions in the smtpd module.\n A remote attacker could exploit this to cause a denial of service via\n daemon outage. (CVE-2010-3493)\n \n It was discovered that the CGIHTTPServer module did not properly perform\n input validation on certain HTTP GET requests. A remote attacker could\n potentially obtain access to CGI script source files. (CVE-2011-1015)\n \n Niels Heinen discovered that the urllib and urllib2 modules would process\n Location headers that specify a redirection to file: URLs. A remote\n attacker could exploit this to obtain sensitive information or cause a\n denial of service. (CVE-2011-1521)\n \n It was discovered that SimpleHTTPServer did not use a charset parameter in\n the Content-Type HTTP header. An attacker could potentially exploit this\n to conduct cross-site scripting (XSS) attacks against Internet Explorer 7\n users. (CVE-2011-4940)\n \n It was discovered that Python distutils contained a race condition when\n creating the ~/.pypirc file. A local attacker could exploit this to obtain\n sensitive information. (CVE-2011-4944)\n \n It was discovered that SimpleXMLRPCServer did not properly validate its\n input when handling HTTP POST requests. A remote attacker could exploit\n this to cause a denial of service via excessive CPU utilization.\n (CVE-2012-0845)\n \n It was discovered that the Expat module in Python 2.5 computed hash values\n without restricting the ability to trigger hash collisions predictably. If\n a user or application using pyexpat were tricked into opening a crafted XML\n file, an attacker could cause a denial of service by consuming excessive\n CPU resources. (CVE-2012-0876)\n \n Tim Boddy discovered that the Expat module in Python 2.5 did not properly\n handle memory reallocation when processing XML files. If a user or\n application using pyexpat were tricked into opening a crafted XML file, an\n attacker could cause a denial of service by consuming excessive memory\n resources. (CVE-2012-1148)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1613-1\";\ntag_affected = \"python2.5 on Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1613-1/\");\n script_id(841195);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-19 09:53:57 +0530 (Fri, 19 Oct 2012)\");\n script_cve_id(\"CVE-2008-5983\", \"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3493\",\n \"CVE-2011-1015\", \"CVE-2011-1521\", \"CVE-2011-4940\", \"CVE-2011-4944\",\n \"CVE-2012-0845\", \"CVE-2012-0876\", \"CVE-2012-1148\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1613-1\");\n script_name(\"Ubuntu Update for python2.5 USN-1613-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.5\", ver:\"2.5.2-2ubuntu6.2\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.5-minimal\", ver:\"2.5.2-2ubuntu6.2\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:20:32", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1613-2", "cvss3": {}, "published": "2012-10-19T00:00:00", "type": "openvas", "title": "Ubuntu Update for python2.4 USN-1613-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3493", "CVE-2012-1148", "CVE-2011-1521", "CVE-2011-4944", "CVE-2012-0876", "CVE-2012-0845", "CVE-2010-2089", "CVE-2011-4940", "CVE-2011-1015", "CVE-2008-5983", "CVE-2010-1634"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841194", "href": "http://plugins.openvas.org/nasl.php?oid=841194", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1613_2.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for python2.4 USN-1613-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the\n corresponding updates for Python 2.4.\n\n Original advisory details:\n \n It was discovered that Python would prepend an empty string to sys.path\n under certain circumstances. A local attacker with write access to the\n current working directory could exploit this to execute arbitrary code.\n (CVE-2008-5983)\n \n It was discovered that the audioop module did not correctly perform input\n validation. If a user or automatated system were tricked into opening a\n crafted audio file, an attacker could cause a denial of service via\n application crash. (CVE-2010-1634, CVE-2010-2089)\n \n Giampaolo Rodola discovered several race conditions in the smtpd module.\n A remote attacker could exploit this to cause a denial of service via\n daemon outage. (CVE-2010-3493)\n \n It was discovered that the CGIHTTPServer module did not properly perform\n input validation on certain HTTP GET requests. A remote attacker could\n potentially obtain access to CGI script source files. (CVE-2011-1015)\n \n Niels Heinen discovered that the urllib and urllib2 modules would process\n Location headers that specify a redirection to file: URLs. A remote\n attacker could exploit this to obtain sensitive information or cause a\n denial of service. (CVE-2011-1521)\n \n It was discovered that SimpleHTTPServer did not use a charset parameter in\n the Content-Type HTTP header. An attacker could potentially exploit this\n to conduct cross-site scripting (XSS) attacks against Internet Explorer 7\n users. (CVE-2011-4940)\n \n It was discovered that Python distutils contained a race condition when\n creating the ~/.pypirc file. A local attacker could exploit this to obtain\n sensitive information. (CVE-2011-4944)\n \n It was discovered that SimpleXMLRPCServer did not properly validate its\n input when handling HTTP POST requests. A remote attacker could exploit\n this to cause a denial of service via excessive CPU utilization.\n (CVE-2012-0845)\n \n It was discovered that the Expat module in Python 2.5 computed hash values\n without restricting the ability to trigger hash collisions predictably. If\n a user or application using pyexpat were tricked into opening a crafted XML\n file, an attacker could cause a denial of service by consuming excessive\n CPU resources. (CVE-2012-0876)\n \n Tim Boddy discovered that the Expat module in Python 2.5 did not properly\n handle memory reallocation when processing XML files. If a user or\n application using pyexpat were tricked into opening a crafted XML file, an\n attacker could cause a denial of service by consuming excessive memory\n resources. (CVE-2012-1148)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1613-2\";\ntag_affected = \"python2.4 on Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1613-2/\");\n script_id(841194);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-19 09:53:38 +0530 (Fri, 19 Oct 2012)\");\n script_cve_id(\"CVE-2008-5983\", \"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3493\",\n \"CVE-2011-1015\", \"CVE-2011-1521\", \"CVE-2011-4940\", \"CVE-2011-4944\",\n \"CVE-2012-0845\", \"CVE-2012-0876\", \"CVE-2012-1148\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1613-2\");\n script_name(\"Ubuntu Update for python2.4 USN-1613-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.4\", ver:\"2.4.5-1ubuntu4.4\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.4-minimal\", ver:\"2.4.5-1ubuntu4.4\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:10", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1613-2", "cvss3": {}, "published": "2012-10-19T00:00:00", "type": "openvas", "title": "Ubuntu Update for python2.4 USN-1613-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3493", "CVE-2012-1148", "CVE-2011-1521", "CVE-2011-4944", "CVE-2012-0876", "CVE-2012-0845", "CVE-2010-2089", "CVE-2011-4940", "CVE-2011-1015", "CVE-2008-5983", "CVE-2010-1634"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841194", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841194", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1613_2.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for python2.4 USN-1613-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1613-2/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841194\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-19 09:53:38 +0530 (Fri, 19 Oct 2012)\");\n script_cve_id(\"CVE-2008-5983\", \"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3493\",\n \"CVE-2011-1015\", \"CVE-2011-1521\", \"CVE-2011-4940\", \"CVE-2011-4944\",\n \"CVE-2012-0845\", \"CVE-2012-0876\", \"CVE-2012-1148\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1613-2\");\n script_name(\"Ubuntu Update for python2.4 USN-1613-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU8\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1613-2\");\n script_tag(name:\"affected\", value:\"python2.4 on Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the\n corresponding updates for Python 2.4.\n\n Original advisory details:\n\n It was discovered that Python would prepend an empty string to sys.path\n under certain circumstances. A local attacker with write access to the\n current working directory could exploit this to execute arbitrary code.\n (CVE-2008-5983)\n\n It was discovered that the audioop module did not correctly perform input\n validation. If a user or automatated system were tricked into opening a\n crafted audio file, an attacker could cause a denial of service via\n application crash. (CVE-2010-1634, CVE-2010-2089)\n\n Giampaolo Rodola discovered several race conditions in the smtpd module.\n A remote attacker could exploit this to cause a denial of service via\n daemon outage. (CVE-2010-3493)\n\n It was discovered that the CGIHTTPServer module did not properly perform\n input validation on certain HTTP GET requests. A remote attacker could\n potentially obtain access to CGI script source files. (CVE-2011-1015)\n\n Niels Heinen discovered that the urllib and urllib2 modules would process\n Location headers that specify a redirection to file: URLs. A remote\n attacker could exploit this to obtain sensitive information or cause a\n denial of service. (CVE-2011-1521)\n\n It was discovered that SimpleHTTPServer did not use a charset parameter in\n the Content-Type HTTP header. An attacker could potentially exploit this\n to conduct cross-site scripting (XSS) attacks against Internet Explorer 7\n users. (CVE-2011-4940)\n\n It was discovered that Python distutils contained a race condition when\n creating the ~/.pypirc file. A local attacker could exploit this to obtain\n sensitive information. (CVE-2011-4944)\n\n It was discovered that SimpleXMLRPCServer did not properly validate its\n input when handling HTTP POST requests. A remote attacker could exploit\n this to cause a denial of service via excessive CPU utilization.\n (CVE-2012-0845)\n\n It was discovered that the Expat module in Python 2.5 computed hash values\n without restricting the ability to trigger hash collisions predictably. If\n a user or application using pyexpat were tricked into opening a crafted XML\n file, an attacker could cause a denial of service by consuming excessive\n CPU resources. (CVE-2012-0876)\n\n Tim Boddy discovered that the Expat module in Python 2.5 did not properly\n handle memory reallocation when processing XML files. If a user or\n application using pyexpat were tricked into opening a crafted XML file, an\n attacker could cause a denial of service by consuming excessive memory\n resources. (CVE-2012-1148)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"python2.4\", ver:\"2.4.5-1ubuntu4.4\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"python2.4-minimal\", ver:\"2.4.5-1ubuntu4.4\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:07", "description": "Gentoo Linux Local Security Checks GLSA 201401-04", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201401-04", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-3493", "CVE-2010-3492", "CVE-2012-1150", "CVE-2012-0845", "CVE-2013-2099", "CVE-2010-2089", "CVE-2011-1015", "CVE-2010-1634"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121101", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121101", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201401-04.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121101\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:26:30 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201401-04\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201401-04\");\n script_cve_id(\"CVE-2010-1634\", \"CVE-2010-2089\", \"CVE-2010-3492\", \"CVE-2010-3493\", \"CVE-2011-1015\", \"CVE-2012-0845\", \"CVE-2012-1150\", \"CVE-2013-2099\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201401-04\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 3.2.5-r1\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 2.6.8\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 2.7.3-r1\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 3.3.2-r1\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 2.6.9\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 2.7.4\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 2.7.5\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 2.7.6\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 2.7.7\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 2.7.8\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 2.7.9\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 2.7.10\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 2.7.11\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 2.7.12\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 2.7.13\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 2.7.14\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(\"ge 2.7.15\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/python\", unaffected: make_list(), vulnerable: make_list(\"lt 3.3.2-r1\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:04", "description": "Oracle Linux Local Security Checks ELSA-2012-0745", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0745", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2011-4940"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123902", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123902", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0745.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123902\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:10:04 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0745\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0745 - python security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0745\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0745.html\");\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.4.3~46.el5_8.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.4.3~46.el5_8.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-libs\", rpm:\"python-libs~2.4.3~46.el5_8.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-tools\", rpm:\"python-tools~2.4.3~46.el5_8.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.4.3~46.el5_8.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-06-19T00:00:00", "type": "openvas", "title": "RedHat Update for python RHSA-2012:0745-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2011-4940"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310870757", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870757", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for python RHSA-2012:0745-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-June/msg00015.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870757\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-19 09:40:55 +0530 (Tue, 19 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-1150\");\n script_xref(name:\"RHSA\", value:\"2012:0745-01\");\n script_name(\"RedHat Update for python RHSA-2012:0745-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"python on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Python is an interpreted, interactive, object-oriented programming\n language.\n\n A denial of service flaw was found in the implementation of associative\n arrays (dictionaries) in Python. An attacker able to supply a large number\n of inputs to a Python application (such as HTTP POST request parameters\n sent to a web application) that are used as keys when inserting data into\n an array could trigger multiple hash function collisions, making array\n operations take an excessive amount of CPU time. To mitigate this issue,\n randomization has been added to the hash function to reduce the chance of\n an attacker successfully causing intentional collisions. (CVE-2012-1150)\n\n Note: The hash randomization is not enabled by default as it may break\n applications that incorrectly depend on dictionary ordering. To enable the\n protection, the new 'PYTHONHASHSEED' environment variable or the Python\n interpreter's '-R' command line option can be used. Refer to the python(1)\n manual page for details.\n\n The RHSA-2012:0731 expat erratum must be installed with this update, which\n adds hash randomization to the Expat library used by the Python pyexpat\n module.\n\n A flaw was found in the way the Python SimpleHTTPServer module generated\n directory listings. An attacker able to upload a file with a\n specially-crafted name to a server could possibly perform a cross-site\n scripting (XSS) attack against victims visiting a listing page generated by\n SimpleHTTPServer, for a directory containing the crafted file (if the\n victims were using certain web browsers). (CVE-2011-4940)\n\n A race condition was found in the way the Python distutils module set file\n permissions during the creation of the .pypirc file. If a local user had\n access to the home directory of another user who is running distutils, they\n could use this flaw to gain access to that user's .pypirc file, which can\n contain usernames and passwords for code repositories. (CVE-2011-4944)\n\n Red Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT\n acknowledges Julian Waelde and Alexander Klink as the original reporters of\n CVE-2012-1150.\n\n All Python users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.4.3~46.el5_8.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-debuginfo\", rpm:\"python-debuginfo~2.4.3~46.el5_8.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.4.3~46.el5_8.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-libs\", rpm:\"python-libs~2.4.3~46.el5_8.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-tools\", rpm:\"python-tools~2.4.3~46.el5_8.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.4.3~46.el5_8.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-08T12:54:23", "description": "Check for the Version of python", "cvss3": {}, "published": "2010-07-16T00:00:00", "type": "openvas", "title": "Mandriva Update for python MDVSA-2010:132 (python)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3143", "CVE-2010-2089", "CVE-2010-1634"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:1361412562310831110", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831110", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for python MDVSA-2010:132 (python)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in python:\n\n Multiple integer overflows in audioop.c in the audioop module in\n Ptthon allow context-dependent attackers to cause a denial of service\n (application crash) via a large fragment, as demonstrated by a call\n to audioop.lin2lin with a long string in the first argument, leading\n to a buffer overflow. NOTE: this vulnerability exists because of an\n incorrect fix for CVE-2008-3143.5 (CVE-2010-1634).\n \n The audioop module in Python does not verify the relationships between\n size arguments and byte string lengths, which allows context-dependent\n attackers to cause a denial of service (memory corruption and\n application crash) via crafted arguments, as demonstrated by a call\n to audioop.reverse with a one-byte string, a different vulnerability\n than CVE-2010-1634 (CVE-2010-2089).\n \n Packages for 2008.0 and 2009.0 are provided as of the Extended\n Maintenance Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&products_id=490\n \n The updated packages have been patched to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"python on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-07/msg00013.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831110\");\n script_version(\"$Revision: 8314 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 09:01:01 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-16 10:40:49 +0200 (Fri, 16 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:132\");\n script_cve_id(\"CVE-2008-3143\", \"CVE-2010-1634\", \"CVE-2010-2089\");\n script_name(\"Mandriva Update for python MDVSA-2010:132 (python)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of python\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpython2.5\", rpm:\"libpython2.5~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython2.5-devel\", rpm:\"libpython2.5-devel~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.5\", rpm:\"lib64python2.5~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.5-devel\", rpm:\"lib64python2.5-devel~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpython2.5\", rpm:\"libpython2.5~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython2.5-devel\", rpm:\"libpython2.5-devel~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.5\", rpm:\"lib64python2.5~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.5-devel\", rpm:\"lib64python2.5-devel~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpython2.6\", rpm:\"libpython2.6~2.6.4~1.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython2.6-devel\", rpm:\"libpython2.6-devel~2.6.4~1.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.4~1.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.6.4~1.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.6.4~1.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.6.4~1.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.6\", rpm:\"lib64python2.6~2.6.4~1.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.6-devel\", rpm:\"lib64python2.6-devel~2.6.4~1.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpython2.6\", rpm:\"libpython2.6~2.6.1~6.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython2.6-devel\", rpm:\"libpython2.6-devel~2.6.1~6.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.1~6.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.6.1~6.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.6.1~6.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.6.1~6.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.6\", rpm:\"lib64python2.6~2.6.1~6.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.6-devel\", rpm:\"lib64python2.6-devel~2.6.1~6.4mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpython2.5\", rpm:\"libpython2.5~2.5.2~5.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython2.5-devel\", rpm:\"libpython2.5-devel~2.5.2~5.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.5.2~5.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.5.2~5.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.5.2~5.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.5.2~5.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.5.2~5.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.5\", rpm:\"lib64python2.5~2.5.2~5.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.5-devel\", rpm:\"lib64python2.5-devel~2.5.2~5.6mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:56:49", "description": "Check for the Version of python", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Mandriva Update for python MDVSA-2012:096 (python)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2011-3389", "CVE-2012-0876", "CVE-2012-0845", "CVE-2011-4940"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:831686", "href": "http://plugins.openvas.org/nasl.php?oid=831686", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for python MDVSA-2012:096 (python)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been discovered and corrected in python:\n\n The _ssl module would always disable the CBC IV attack countermeasure\n (CVE-2011-3389).\n\n A flaw was found in the way the Python SimpleHTTPServer module\n generated directory listings. An attacker able to upload a file\n with a specially-crafted name to a server could possibly perform a\n cross-site scripting (XSS) attack against victims visiting a listing\n page generated by SimpleHTTPServer, for a directory containing\n the crafted file (if the victims were using certain web browsers)\n (CVE-2011-4940).\n\n A race condition was found in the way the Python distutils module\n set file permissions during the creation of the .pypirc file. If a\n local user had access to the home directory of another user who is\n running distutils, they could use this flaw to gain access to that\n user's .pypirc file, which can contain usernames and passwords for\n code repositories (CVE-2011-4944).\n\n A flaw was found in the way the Python SimpleXMLRPCServer module\n handled clients disconnecting prematurely. A remote attacker could\n use this flaw to cause excessive CPU consumption on a server using\n SimpleXMLRPCServer (CVE-2012-0845).\n\n Hash table collisions CPU usage DoS for the embedded copy of expat\n (CVE-2012-0876).\n\n A denial of service flaw was found in the implementation of associative\n arrays (dictionaries) in Python. An attacker able to supply a large\n number of inputs to a Python application (such as HTTP POST request\n parameters sent to a web application) that are used as keys when\n inserting data into an array could trigger multiple hash function\n collisions, making array operations take an excessive amount of\n CPU time. To mitigate this issue, randomization has been added to\n the hash function to reduce the chance of an attacker successfully\n causing intentional collisions (CVE-2012-1150).\n\n The updated packages have been patched to correct these issues.\";\n\ntag_affected = \"python on Mandriva Linux 2010.1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:096\");\n script_id(831686);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:32:57 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2011-3389\", \"CVE-2011-4940\", \"CVE-2011-4944\",\n \"CVE-2012-0845\", \"CVE-2012-0876\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2012:096\");\n script_name(\"Mandriva Update for python MDVSA-2012:096 (python)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of python\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpython2.6\", rpm:\"libpython2.6~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython2.6-devel\", rpm:\"libpython2.6-devel~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.6\", rpm:\"lib64python2.6~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.6-devel\", rpm:\"lib64python2.6-devel~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:39", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for python CESA-2012:0745 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2011-4940"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881128", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881128", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for python CESA-2012:0745 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-June/018692.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881128\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:18:07 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2012:0745\");\n script_name(\"CentOS Update for python CESA-2012:0745 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"python on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Python is an interpreted, interactive, object-oriented programming\n language.\n\n A denial of service flaw was found in the implementation of associative\n arrays (dictionaries) in Python. An attacker able to supply a large number\n of inputs to a Python application (such as HTTP POST request parameters\n sent to a web application) that are used as keys when inserting data into\n an array could trigger multiple hash function collisions, making array\n operations take an excessive amount of CPU time. To mitigate this issue,\n randomization has been added to the hash function to reduce the chance of\n an attacker successfully causing intentional collisions. (CVE-2012-1150)\n\n Note: The hash randomization is not enabled by default as it may break\n applications that incorrectly depend on dictionary ordering. To enable the\n protection, the new 'PYTHONHASHSEED' environment variable or the Python\n interpreter's '-R' command line option can be used. Refer to the python(1)\n manual page for details.\n\n The RHSA-2012:0731 expat erratum must be installed with this update, which\n adds hash randomization to the Expat library used by the Python pyexpat\n module.\n\n A flaw was found in the way the Python SimpleHTTPServer module generated\n directory listings. An attacker able to upload a file with a\n specially-crafted name to a server could possibly perform a cross-site\n scripting (XSS) attack against victims visiting a listing page generated by\n SimpleHTTPServer, for a directory containing the crafted file (if the\n victims were using certain web browsers). (CVE-2011-4940)\n\n A race condition was found in the way the Python distutils module set file\n permissions during the creation of the .pypirc file. If a local user had\n access to the home directory of another user who is running distutils, they\n could use this flaw to gain access to that user's .pypirc file, which can\n contain usernames and passwords for code repositories. (CVE-2011-4944)\n\n Red Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters of\n CVE-2012-1150.\n\n All Python users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.4.3~46.el5_8.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.4.3~46.el5_8.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-libs\", rpm:\"python-libs~2.4.3~46.el5_8.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-tools\", rpm:\"python-tools~2.4.3~46.el5_8.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.4.3~46.el5_8.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-11T11:07:44", "description": "Check for the Version of python", "cvss3": {}, "published": "2012-06-19T00:00:00", "type": "openvas", "title": "RedHat Update for python RHSA-2012:0745-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2011-4940"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:870757", "href": "http://plugins.openvas.org/nasl.php?oid=870757", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for python RHSA-2012:0745-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Python is an interpreted, interactive, object-oriented programming\n language.\n\n A denial of service flaw was found in the implementation of associative\n arrays (dictionaries) in Python. An attacker able to supply a large number\n of inputs to a Python application (such as HTTP POST request parameters\n sent to a web application) that are used as keys when inserting data into\n an array could trigger multiple hash function collisions, making array\n operations take an excessive amount of CPU time. To mitigate this issue,\n randomization has been added to the hash function to reduce the chance of\n an attacker successfully causing intentional collisions. (CVE-2012-1150)\n\n Note: The hash randomization is not enabled by default as it may break\n applications that incorrectly depend on dictionary ordering. To enable the\n protection, the new "PYTHONHASHSEED" environment variable or the Python\n interpreter's "-R" command line option can be used. Refer to the python(1)\n manual page for details.\n\n The RHSA-2012:0731 expat erratum must be installed with this update, which\n adds hash randomization to the Expat library used by the Python pyexpat\n module.\n\n A flaw was found in the way the Python SimpleHTTPServer module generated\n directory listings. An attacker able to upload a file with a\n specially-crafted name to a server could possibly perform a cross-site\n scripting (XSS) attack against victims visiting a listing page generated by\n SimpleHTTPServer, for a directory containing the crafted file (if the\n victims were using certain web browsers). (CVE-2011-4940)\n\n A race condition was found in the way the Python distutils module set file\n permissions during the creation of the .pypirc file. If a local user had\n access to the home directory of another user who is running distutils, they\n could use this flaw to gain access to that user's .pypirc file, which can\n contain usernames and passwords for code repositories. (CVE-2011-4944)\n\n Red Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters of\n CVE-2012-1150.\n\n All Python users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\";\n\ntag_affected = \"python on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-June/msg00015.html\");\n script_id(870757);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-19 09:40:55 +0530 (Tue, 19 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-1150\");\n script_xref(name: \"RHSA\", value: \"2012:0745-01\");\n script_name(\"RedHat Update for python RHSA-2012:0745-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of python\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.4.3~46.el5_8.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-debuginfo\", rpm:\"python-debuginfo~2.4.3~46.el5_8.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.4.3~46.el5_8.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-libs\", rpm:\"python-libs~2.4.3~46.el5_8.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-tools\", rpm:\"python-tools~2.4.3~46.el5_8.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.4.3~46.el5_8.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-14T00:00:00", "type": "openvas", "title": "RedHat Update for python RHSA-2011:0027-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1449", "CVE-2010-1450", "CVE-2010-2089", "CVE-2008-5983", "CVE-2010-1634", "CVE-2009-4134"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310870377", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870377", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for python RHSA-2011:0027-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-January/msg00008.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870377\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-14 16:07:43 +0100 (Fri, 14 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2011:0027-01\");\n script_cve_id(\"CVE-2008-5983\", \"CVE-2009-4134\", \"CVE-2010-1449\", \"CVE-2010-1450\", \"CVE-2010-1634\", \"CVE-2010-2089\");\n script_name(\"RedHat Update for python RHSA-2011:0027-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"python on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Python is an interpreted, interactive, object-oriented programming\n language.\n\n It was found that many applications embedding the Python interpreter did\n not specify a valid full path to the script or application when calling the\n PySys_SetArgv API function, which could result in the addition of the\n current working directory to the module search path (sys.path). A local\n attacker able to trick a victim into running such an application in an\n attacker-controlled directory could use this flaw to execute code with the\n victim's privileges. This update adds the PySys_SetArgvEx API. Developers\n can modify their applications to use this new API, which sets sys.argv\n without modifying sys.path. (CVE-2008-5983)\n\n Multiple flaws were found in the Python rgbimg module. If an application\n written in Python was using the rgbimg module and loaded a\n specially-crafted SGI image file, it could cause the application to crash\n or, possibly, execute arbitrary code with the privileges of the user\n running the application. (CVE-2009-4134, CVE-2010-1449, CVE-2010-1450)\n\n Multiple flaws were found in the Python audioop module. Supplying certain\n inputs could cause the audioop module to crash or, possibly, execute\n arbitrary code. (CVE-2010-1634, CVE-2010-2089)\n\n This update also fixes the following bugs:\n\n * When starting a child process from the subprocess module in Python 2.4,\n the parent process could leak file descriptors if an error occurred. This\n update resolves the issue. (BZ#609017)\n\n * Prior to Python 2.7, programs that used 'ulimit -n' to enable\n communication with large numbers of subprocesses could still monitor only\n 1024 file descriptors at a time, which caused an exception:\n\n ValueError: filedescriptor out of range in select()\n\n This was due to the subprocess module using the 'select' system call. The\n module now uses the 'poll' system call, removing this limitation.\n (BZ#609020)\n\n * Prior to Python 2.5, the tarfile module failed to unpack tar files if the\n path was longer than 100 characters. This update backports the tarfile\n module from Python 2.5 and the issue no longer occurs. (BZ#263401)\n\n * The email module incorrectly implemented the logic for obtaining\n attachment file names: the get_filename() fallback for using the deprecated\n 'name' parameter of the 'Content-Type' header erroneously used the\n 'Content-Disposition' header. This update backports a fix from Python 2.6,\n which resolves this issue. (BZ#644147)\n\n * Prior to version 2.5, Python's ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.4.3~43.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-debuginfo\", rpm:\"python-debuginfo~2.4.3~43.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.4.3~43.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-libs\", rpm:\"python-libs~2.4.3~43.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-tools\", rpm:\"python-tools~2.4.3~43.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.4.3~43.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-27T10:55:13", "description": "Check for the Version of python", "cvss3": {}, "published": "2011-01-14T00:00:00", "type": "openvas", "title": "RedHat Update for python RHSA-2011:0027-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1449", "CVE-2010-1450", "CVE-2010-2089", "CVE-2008-5983", "CVE-2010-1634", "CVE-2009-4134"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870377", "href": "http://plugins.openvas.org/nasl.php?oid=870377", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for python RHSA-2011:0027-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Python is an interpreted, interactive, object-oriented programming\n language.\n\n It was found that many applications embedding the Python interpreter did\n not specify a valid full path to the script or application when calling the\n PySys_SetArgv API function, which could result in the addition of the\n current working directory to the module search path (sys.path). A local\n attacker able to trick a victim into running such an application in an\n attacker-controlled directory could use this flaw to execute code with the\n victim's privileges. This update adds the PySys_SetArgvEx API. Developers\n can modify their applications to use this new API, which sets sys.argv\n without modifying sys.path. (CVE-2008-5983)\n \n Multiple flaws were found in the Python rgbimg module. If an application\n written in Python was using the rgbimg module and loaded a\n specially-crafted SGI image file, it could cause the application to crash\n or, possibly, execute arbitrary code with the privileges of the user\n running the application. (CVE-2009-4134, CVE-2010-1449, CVE-2010-1450)\n \n Multiple flaws were found in the Python audioop module. Supplying certain\n inputs could cause the audioop module to crash or, possibly, execute\n arbitrary code. (CVE-2010-1634, CVE-2010-2089)\n \n This update also fixes the following bugs:\n \n * When starting a child process from the subprocess module in Python 2.4,\n the parent process could leak file descriptors if an error occurred. This\n update resolves the issue. (BZ#609017)\n \n * Prior to Python 2.7, programs that used "ulimit -n" to enable\n communication with large numbers of subprocesses could still monitor only\n 1024 file descriptors at a time, which caused an exception:\n \n ValueError: filedescriptor out of range in select()\n \n This was due to the subprocess module using the "select" system call. The\n module now uses the "poll" system call, removing this limitation.\n (BZ#609020)\n \n * Prior to Python 2.5, the tarfile module failed to unpack tar files if the\n path was longer than 100 characters. This update backports the tarfile\n module from Python 2.5 and the issue no longer occurs. (BZ#263401)\n \n * The email module incorrectly implemented the logic for obtaining\n attachment file names: the get_filename() fallback for using the deprecated\n "name" parameter of the "Content-Type" header erroneously used the\n "Content-Disposition" header. This update backports a fix from Python 2.6,\n which resolves this issue. (BZ#644147)\n \n * Prior to version 2.5, Python's ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"python on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-January/msg00008.html\");\n script_id(870377);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-14 16:07:43 +0100 (Fri, 14 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2011:0027-01\");\n script_cve_id(\"CVE-2008-5983\", \"CVE-2009-4134\", \"CVE-2010-1449\", \"CVE-2010-1450\", \"CVE-2010-1634\", \"CVE-2010-2089\");\n script_name(\"RedHat Update for python RHSA-2011:0027-01\");\n\n script_summary(\"Check for the Version of python\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.4.3~43.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-debuginfo\", rpm:\"python-debuginfo~2.4.3~43.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.4.3~43.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-libs\", rpm:\"python-libs~2.4.3~43.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-tools\", rpm:\"python-tools~2.4.3~43.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.4.3~43.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:53", "description": "Oracle Linux Local Security Checks ELSA-2011-0027", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-0027", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1449", "CVE-2010-1450", "CVE-2010-2089", "CVE-2008-5983", "CVE-2010-1634", "CVE-2009-4134"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122278", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122278", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-0027.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122278\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:15:51 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-0027\");\n script_tag(name:\"insight\", value:\"ELSA-2011-0027 - python security, bug fix, and enhancement update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-0027\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-0027.html\");\n script_cve_id(\"CVE-2008-5983\", \"CVE-2009-4134\", \"CVE-2010-1449\", \"CVE-2010-1450\", \"CVE-2010-1634\", \"CVE-2010-2089\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.4.3~43.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.4.3~43.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-libs\", rpm:\"python-libs~2.4.3~43.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-tools\", rpm:\"python-tools~2.4.3~43.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.4.3~43.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-11T11:07:44", "description": "Check for the Version of python", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for python CESA-2012:0745 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2011-4940"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:881128", "href": "http://plugins.openvas.org/nasl.php?oid=881128", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for python CESA-2012:0745 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Python is an interpreted, interactive, object-oriented programming\n language.\n\n A denial of service flaw was found in the implementation of associative\n arrays (dictionaries) in Python. An attacker able to supply a large number\n of inputs to a Python application (such as HTTP POST request parameters\n sent to a web application) that are used as keys when inserting data into\n an array could trigger multiple hash function collisions, making array\n operations take an excessive amount of CPU time. To mitigate this issue,\n randomization has been added to the hash function to reduce the chance of\n an attacker successfully causing intentional collisions. (CVE-2012-1150)\n \n Note: The hash randomization is not enabled by default as it may break\n applications that incorrectly depend on dictionary ordering. To enable the\n protection, the new "PYTHONHASHSEED" environment variable or the Python\n interpreter's "-R" command line option can be used. Refer to the python(1)\n manual page for details.\n \n The RHSA-2012:0731 expat erratum must be installed with this update, which\n adds hash randomization to the Expat library used by the Python pyexpat\n module.\n \n A flaw was found in the way the Python SimpleHTTPServer module generated\n directory listings. An attacker able to upload a file with a\n specially-crafted name to a server could possibly perform a cross-site\n scripting (XSS) attack against victims visiting a listing page generated by\n SimpleHTTPServer, for a directory containing the crafted file (if the\n victims were using certain web browsers). (CVE-2011-4940)\n \n A race condition was found in the way the Python distutils module set file\n permissions during the creation of the .pypirc file. If a local user had\n access to the home directory of another user who is running distutils, they\n could use this flaw to gain access to that user's .pypirc file, which can\n contain usernames and passwords for code repositories. (CVE-2011-4944)\n \n Red Hat would like to thank oCERT for reporting CVE-2012-1150. oCERT\n acknowledges Julian W\u00e4lde and Alexander Klink as the original reporters of\n CVE-2012-1150.\n \n All Python users should upgrade to these updated packages, which contain\n backported patches to correct these issues.\";\n\ntag_affected = \"python on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-June/018692.html\");\n script_id(881128);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:18:07 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4940\", \"CVE-2011-4944\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0745\");\n script_name(\"CentOS Update for python CESA-2012:0745 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of python\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.4.3~46.el5_8.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.4.3~46.el5_8.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-libs\", rpm:\"python-libs~2.4.3~46.el5_8.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-tools\", rpm:\"python-tools~2.4.3~46.el5_8.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.4.3~46.el5_8.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-06-22T00:00:00", "type": "openvas", "title": "Mandriva Update for python MDVSA-2012:096 (python)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-4944", "CVE-2012-1150", "CVE-2011-3389", "CVE-2012-0876", "CVE-2012-0845", "CVE-2011-4940"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310831686", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831686", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for python MDVSA-2012:096 (python)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:096\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831686\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-22 10:32:57 +0530 (Fri, 22 Jun 2012)\");\n script_cve_id(\"CVE-2011-3389\", \"CVE-2011-4940\", \"CVE-2011-4944\",\n \"CVE-2012-0845\", \"CVE-2012-0876\", \"CVE-2012-1150\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"MDVSA\", value:\"2012:096\");\n script_name(\"Mandriva Update for python MDVSA-2012:096 (python)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_2010\\.1\");\n script_tag(name:\"affected\", value:\"python on Mandriva Linux 2010.1\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been discovered and corrected in python:\n\n The _ssl module would always disable the CBC IV attack countermeasure\n (CVE-2011-3389).\n\n A flaw was found in the way the Python SimpleHTTPServer module\n generated directory listings. An attacker able to upload a file\n with a specially-crafted name to a server could possibly perform a\n cross-site scripting (XSS) attack against victims visiting a listing\n page generated by SimpleHTTPServer, for a directory containing\n the crafted file (if the victims were using certain web browsers)\n (CVE-2011-4940).\n\n A race condition was found in the way the Python distutils module\n set file permissions during the creation of the .pypirc file. If a\n local user had access to the home directory of another user who is\n running distutils, they could use this flaw to gain access to that\n user's .pypirc file, which can contain usernames and passwords for\n code repositories (CVE-2011-4944).\n\n A flaw was found in the way the Python SimpleXMLRPCServer module\n handled clients disconnecting prematurely. A remote attacker could\n use this flaw to cause excessive CPU consumption on a server using\n SimpleXMLRPCServer (CVE-2012-0845).\n\n Hash table collisions CPU usage DoS for the embedded copy of expat\n (CVE-2012-0876).\n\n A denial of service flaw was found in the implementation of associative\n arrays (dictionaries) in Python. An attacker able to supply a large\n number of inputs to a Python application (such as HTTP POST request\n parameters sent to a web application) that are used as keys when\n inserting data into an array could trigger multiple hash function\n collisions, making array operations take an excessive amount of\n CPU time. To mitigate this issue, randomization has been added to\n the hash function to reduce the chance of an attacker successfully\n causing intentional collisions (CVE-2012-1150).\n\n The updated packages have been patched to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpython2.6\", rpm:\"libpython2.6~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython2.6-devel\", rpm:\"libpython2.6-devel~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.6\", rpm:\"lib64python2.6~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.6-devel\", rpm:\"lib64python2.6-devel~2.6.5~2.5mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-12-18T10:58:21", "description": "Check for the Version of python", "cvss3": {}, "published": "2010-07-16T00:00:00", "type": "openvas", "title": "Mandriva Update for python MDVSA-2010:132 (python)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2008-3143", "CVE-2010-2089", "CVE-2010-1634"], "modified": "2017-12-18T00:00:00", "id": "OPENVAS:831110", "href": "http://plugins.openvas.org/nasl.php?oid=831110", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for python MDVSA-2010:132 (python)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in python:\n\n Multiple integer overflows in audioop.c in the audioop module in\n Ptthon allow context-dependent attackers to cause a denial of service\n (application crash) via a large fragment, as demonstrated by a call\n to audioop.lin2lin with a long string in the first argument, leading\n to a buffer overflow. NOTE: this vulnerability exists because of an\n incorrect fix for CVE-2008-3143.5 (CVE-2010-1634).\n \n The audioop module in Python does not verify the relationships between\n size arguments and byte string lengths, which allows context-dependent\n attackers to cause a denial of service (memory corruption and\n application crash) via crafted arguments, as demonstrated by a call\n to audioop.reverse with a one-byte string, a different vulnerability\n than CVE-2010-1634 (CVE-2010-2089).\n \n Packages for 2008.0 and 2009.0 are provided as of the Extended\n Maintenance Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&products_id=490\n \n The updated packages have been patched to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"python on Mandriva Linux 2008.0,\n Mandriva Linux 2008.0/X86_64,\n Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2009.1,\n Mandriva Linux 2009.1/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-07/msg00013.php\");\n script_id(831110);\n script_version(\"$Revision: 8153 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-18 07:30:39 +0100 (Mon, 18 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-07-16 10:40:49 +0200 (Fri, 16 Jul 2010)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:132\");\n script_cve_id(\"CVE-2008-3143\", \"CVE-2010-1634\", \"CVE-2010-2089\");\n script_name(\"Mandriva Update for python MDVSA-2010:132 (python)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of python\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2008.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpython2.5\", rpm:\"libpython2.5~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython2.5-devel\", rpm:\"libpython2.5-devel~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.5\", rpm:\"lib64python2.5~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.5-devel\", rpm:\"lib64python2.5-devel~2.5.2~2.7mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpython2.5\", rpm:\"libpython2.5~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython2.5-devel\", rpm:\"libpython2.5-devel~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python\", rpm:\"python~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-base\", rpm:\"python-base~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-docs\", rpm:\"python-docs~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"tkinter-apps\", rpm:\"tkinter-apps~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.5\", rpm:\"lib64python2.5~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64python2.5-devel\", rpm:\"lib64python2.5-devel~2.5.2~5.7mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libpython2.6\", rpm:\"libpython2.6~2.6.4~1.3mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpython2.6-devel\", rpm:\"libpython2.6-devel~2.6.4~1.3mdv2010.0\"
Ubuntu Update for python3.1 USN-1616-1
