{"modified": "2006-11-30T00:00:00", "id": "ELSA-2006-0713", "title": "Important python security update ", "edition": 1, "viewCount": 0, "objectVersion": "1.2", "type": "oraclelinux", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "lastseen": "2016-09-04T11:15:59", "description": " [2.3.4-14.3]\n - Fixed bug #208162 / CVE-2006-4980: repr unicode buffer overflow ", "href": "http://linux.oracle.com/errata/ELSA-2006-0713.html", "cvelist": ["CVE-2006-4980"], "published": "2006-11-30T00:00:00", "history": [], "reporter": "Oracle", "affectedPackage": [{"packageFilename": "python-tools-2.2.3-6.5.i386.rpm", "packageVersion": "2.2.3-6.5", "OS": "Oracle Linux", "arch": "i386", "OSVersion": "3", "operator": "lt", "packageName": "python-tools"}, {"packageFilename": "tkinter-2.2.3-6.5.i386.rpm", "packageVersion": "2.2.3-6.5", "OS": "Oracle Linux", "arch": "i386", "OSVersion": "3", "operator": "lt", "packageName": "tkinter"}, {"packageFilename": "tkinter-2.2.3-6.5.x86_64.rpm", "packageVersion": "2.2.3-6.5", "OS": "Oracle Linux", "arch": "x86_64", "OSVersion": "3", "operator": "lt", "packageName": "tkinter"}, {"packageFilename": "python-docs-2.3.4-14.3.x86_64.rpm", "packageVersion": "2.3.4-14.3", "OS": "Oracle Linux", "arch": "x86_64", "OSVersion": "4", "operator": "lt", "packageName": "python-docs"}, {"packageFilename": "python-2.2.3-6.5.i386.rpm", "packageVersion": "2.2.3-6.5", "OS": "Oracle Linux", "arch": "i386", "OSVersion": "3", "operator": "lt", "packageName": "python"}, {"packageFilename": "python-2.2.3-6.5.src.rpm", "packageVersion": "2.2.3-6.5", "OS": "Oracle Linux", "arch": "src", "OSVersion": "3", "operator": "lt", "packageName": "python"}, {"packageFilename": "python-2.2.3-6.5.src.rpm", "packageVersion": "2.2.3-6.5", "OS": "Oracle Linux", "arch": "src", "OSVersion": "3", "operator": "lt", "packageName": "python"}, {"packageFilename": "tkinter-2.3.4-14.3.i386.rpm", "packageVersion": "2.3.4-14.3", "OS": "Oracle Linux", "arch": "i386", "OSVersion": "4", "operator": "lt", "packageName": "tkinter"}, {"packageFilename": "tkinter-2.3.4-14.3.x86_64.rpm", "packageVersion": "2.3.4-14.3", "OS": "Oracle Linux", "arch": "x86_64", "OSVersion": "4", "operator": "lt", "packageName": "tkinter"}, {"packageFilename": "python-tools-2.2.3-6.5.x86_64.rpm", "packageVersion": "2.2.3-6.5", "OS": "Oracle Linux", "arch": "x86_64", "OSVersion": "3", "operator": "lt", "packageName": "python-tools"}, {"packageFilename": "python-2.3.4-14.3.i386.rpm", "packageVersion": "2.3.4-14.3", "OS": "Oracle Linux", "arch": "i386", "OSVersion": "4", "operator": "lt", "packageName": "python"}, {"packageFilename": "python-devel-2.2.3-6.5.x86_64.rpm", "packageVersion": "2.2.3-6.5", "OS": "Oracle Linux", "arch": "x86_64", "OSVersion": "3", "operator": "lt", "packageName": "python-devel"}, {"packageFilename": "python-2.3.4-14.3.x86_64.rpm", "packageVersion": "2.3.4-14.3", "OS": "Oracle Linux", "arch": "x86_64", "OSVersion": "4", "operator": "lt", "packageName": "python"}, {"packageFilename": "python-tools-2.3.4-14.3.x86_64.rpm", "packageVersion": "2.3.4-14.3", "OS": "Oracle Linux", "arch": "x86_64", "OSVersion": "4", "operator": "lt", "packageName": "python-tools"}, {"packageFilename": "python-devel-2.3.4-14.3.i386.rpm", "packageVersion": "2.3.4-14.3", "OS": "Oracle Linux", "arch": "i386", "OSVersion": "4", "operator": "lt", "packageName": "python-devel"}, {"packageFilename": "python-2.2.3-6.5.x86_64.rpm", "packageVersion": "2.2.3-6.5", "OS": "Oracle Linux", "arch": "x86_64", "OSVersion": "3", "operator": "lt", "packageName": "python"}, {"packageFilename": "python-docs-2.3.4-14.3.i386.rpm", "packageVersion": "2.3.4-14.3", "OS": "Oracle Linux", "arch": "i386", "OSVersion": "4", "operator": "lt", "packageName": "python-docs"}, {"packageFilename": "python-2.3.4-14.3.src.rpm", "packageVersion": "2.3.4-14.3", "OS": "Oracle Linux", "arch": "src", "OSVersion": "4", "operator": "lt", "packageName": "python"}, {"packageFilename": "python-2.3.4-14.3.src.rpm", "packageVersion": "2.3.4-14.3", "OS": "Oracle Linux", "arch": "src", "OSVersion": "4", "operator": "lt", "packageName": "python"}, {"packageFilename": "python-devel-2.2.3-6.5.i386.rpm", "packageVersion": "2.2.3-6.5", "OS": "Oracle Linux", "arch": "i386", "OSVersion": "3", "operator": "lt", "packageName": "python-devel"}, {"packageFilename": "python-devel-2.3.4-14.3.x86_64.rpm", "packageVersion": "2.3.4-14.3", "OS": "Oracle Linux", "arch": "x86_64", "OSVersion": "4", "operator": "lt", "packageName": "python-devel"}, {"packageFilename": "python-tools-2.3.4-14.3.i386.rpm", "packageVersion": "2.3.4-14.3", "OS": "Oracle Linux", "arch": "i386", "OSVersion": "4", "operator": "lt", "packageName": "python-tools"}], "references": [], "bulletinFamily": "unix", "hash": "9a69fe00d30fc4d25d22e662274c9e7261aaaec7d4413454dd9ec6f0c03f5486", "enchantments": {"vulnersScore": 2.6}}

{"result": {"cve": [{"id": "CVE-2006-4980", "type": "cve", "title": "CVE-2006-4980", "description": "Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts.", "published": "2006-10-10T00:06:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4980", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-09-03T07:36:43"}], "f5": [{"id": "F5:K16398", "type": "f5", "title": "Python vulnerability CVE-2006-4980", "description": "\nF5 Product Development has assigned ID 510760 (BIG-IP), and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H16398 on the **Diagnostics** &gt; **Identified** &gt; **Low** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 10.1.0 - 10.2.0| 11.0.0 - 11.6.0 \n10.2.1 - 10.2.4| Low| Python \nBIG-IP AAM| None| 11.4.0 - 11.6.0| Not vulnerable| None \nBIG-IP AFM| None| 11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP Analytics| None| 11.0.0 - 11.6.0| Not vulnerable| None \nBIG-IP APM| 10.1.0 - 10.2.0| 11.0.0 - 11.6.0 \n10.2.1 - 10.2.4| Low| Python \nBIG-IP ASM| 10.1.0 - 10.2.0| 11.0.0 - 11.6.0 \n10.2.1 - 10.2.4| Low| Python \nBIG-IP Edge Gateway| 10.1.0 - 10.2.0| 11.0.0 - 11.3.0 \n10.2.1 - 10.2.4| Low| Python \nBIG-IP GTM| 10.1.0 - 10.2.0| 11.0.0 - 11.6.0 \n10.2.1 - 10.2.4| Low| Python \nBIG-IP Link Controller| 10.1.0 - 10.2.0| 11.0.0 - 11.6.0 \n10.2.1 - 10.2.4| Low| Python \nBIG-IP PEM| None| 11.3.0 - 11.6.0| Not vulnerable| None \nBIG-IP PSM| 10.1.0 - 10.2.0| 11.0.0 - 11.4.1 \n10.2.1 - 10.2.4| Low| Python \nBIG-IP WebAccelerator| 10.1.0 - 10.2.0| 11.0.0 - 11.3.0 \n10.2.1 - 10.2.4| Low| Python \nBIG-IP WOM| 10.1.0 - 10.2.0| 11.0.0 - 11.3.0 \n10.2.1 - 10.2.4| Low| Python \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.0.0 - 3.1.1 \n2.1.0 - 2.3.0| Not vulnerable| None \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nLineRate| None| 2.2.0 - 2.5.0 \n1.6.0 - 1.6.4| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 4.0.0 - 4.1.0 \n3.3.2 - 3.5.1| Not vulnerable| None \nBIG-IP Edge Clients for Android| None| 2.0.0 - 2.0.6| Not vulnerable| None \nBIG-IP Edge Clients for Apple iOS| None| 2.0.0 - 2.0.4 \n1.0.5 - 1.0.6| Not vulnerable| None \nBIG-IP Edge Clients for Linux| None| 6035.x - 7110.x| Not vulnerable| None \nBIG-IP Edge Clients for MAC OS X| None| 6035.x - 7110.x| Not vulnerable| None \nBIG-IP Edge Clients for Windows| None| 6035.x - 7110.x| Not vulnerable| None \nBIG-IP Edge Clients Windows Phone 8.1| None| 1.0.0.x| Not vulnerable| None \nBIG-IP Edge Portal for Android| None| 1.0.0 - 1.0.2| Not vulnerable| None \nBIG-IP Edge Portal for Apple iOS| None| 1.0.0 - 1.0.3| Not vulnerable| None \n \n**Note**: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value.\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\nTo mitigate this vulnerability for BIG-IP, you should only permit management access to F5 products over a secure network and limit shell access to trusted users. For more information, refer to [K13309: Restricting access to the Configuration utility by source IP address (11.x)](<https://support.f5.com/csp/article/K13309>) and [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated document](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "published": "2015-04-10T00:40:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://support.f5.com/csp/article/K16398", "cvelist": ["CVE-2006-4980"], "lastseen": "2017-06-08T00:16:16"}, {"id": "SOL16398", "type": "f5", "title": "SOL16398 - Python vulnerability CVE-2006-4980", "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability for BIG-IP, you should only permit management access to F5 products over a secure network and limit shell access to trusted users. For more information, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x) and SOL13092: Overview of securing access to the BIG-IP system.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated document\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "published": "2015-04-09T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://support.f5.com/kb/en-us/solutions/public/16000/300/sol16398.html", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-09-26T17:23:30"}], "openvas": [{"id": "OPENVAS:57905", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200610-07 (python)", "description": "The remote host is missing updates announced in\nadvisory GLSA 200610-07.", "published": "2008-09-24T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=57905", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-11-02T12:45:38"}, {"id": "OPENVAS:57539", "type": "openvas", "title": "Debian Security Advisory DSA 1198-1 (python2.3)", "description": "The remote host is missing an update to python2.3\nannounced via advisory DSA 1198-1.\n\nBenjamin C. Wiley Sittler discovered that the repr() of the Python\ninterpreter allocates insufficient memory when parsing UCS-4 Unicode\nstrings, which might lead to execution of arbitrary code through\na buffer overflow.", "published": "2008-01-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=57539", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-09-26T20:41:36"}, {"id": "OPENVAS:65495", "type": "openvas", "title": "SLES9: Security update for Python", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n python-devel\n python\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5017455 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "published": "2009-10-10T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=65495", "cvelist": ["CVE-2006-4980"], "lastseen": "2017-02-10T09:02:36"}, {"id": "OPENVAS:57538", "type": "openvas", "title": "Debian Security Advisory DSA 1197-1 (python2.4)", "description": "The remote host is missing an update to python2.4\nannounced via advisory DSA 1197-1.\n\nBenjamin C. Wiley Sittler discovered that the repr() of the Python\ninterpreter allocates insufficient memory when parsing UCS-4 Unicode\nstrings, which might lead to execution of arbitrary code through\na buffer overflow.", "published": "2008-01-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=57538", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-09-26T20:41:41"}, {"id": "OPENVAS:57456", "type": "openvas", "title": "FreeBSD Ports: python+ipv6", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2008-09-04T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=57456", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-10-10T12:51:13"}], "osvdb": [{"id": "OSVDB:29366", "type": "osvdb", "title": "Python repr() Function Unicode String Overflow", "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: http://sourceforge.net/tracker/index.php?func=detail&aid=1541585&group_id=5470&atid=305470\n[Vendor Specific Advisory URL](http://www.gentoo.org/security/en/glsa/glsa-200610-07.xml)\n[Vendor Specific Advisory URL](ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc)\n[Vendor Specific Advisory URL](http://support.avaya.com/elmodocs2/security/ASA-2006-229.htm)\n[Vendor Specific Advisory URL](https://issues.rpath.com/browse/RPL-625)\n[Vendor Specific Advisory URL](http://www.trustix.org/errata/2006/0057/)\n[Vendor Specific Advisory URL](http://lists.suse.com/archive/suse-security-announce/2006-Oct/0007.html)\n[Vendor Specific Advisory URL](http://www.ubuntu.com/usn/usn-359-1)\n[Vendor Specific Advisory URL](http://www.mandriva.com/security/advisories?name=MDKSA-2006:181)\n[Vendor Specific Advisory URL](http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html)\n[Secunia Advisory ID:22303](https://secuniaresearch.flexerasoftware.com/advisories/22303/)\n[Secunia Advisory ID:22531](https://secuniaresearch.flexerasoftware.com/advisories/22531/)\n[Secunia Advisory ID:22357](https://secuniaresearch.flexerasoftware.com/advisories/22357/)\n[Secunia Advisory ID:22358](https://secuniaresearch.flexerasoftware.com/advisories/22358/)\n[Secunia Advisory ID:22379](https://secuniaresearch.flexerasoftware.com/advisories/22379/)\n[Secunia Advisory ID:22457](https://secuniaresearch.flexerasoftware.com/advisories/22457/)\n[Secunia Advisory ID:22487](https://secuniaresearch.flexerasoftware.com/advisories/22487/)\n[Secunia Advisory ID:22276](https://secuniaresearch.flexerasoftware.com/advisories/22276/)\n[Secunia Advisory ID:22297](https://secuniaresearch.flexerasoftware.com/advisories/22297/)\n[Secunia Advisory ID:22448](https://secuniaresearch.flexerasoftware.com/advisories/22448/)\n[Secunia Advisory ID:22512](https://secuniaresearch.flexerasoftware.com/advisories/22512/)\n[Secunia Advisory ID:22639](https://secuniaresearch.flexerasoftware.com/advisories/22639/)\n[Secunia Advisory ID:23680](https://secuniaresearch.flexerasoftware.com/advisories/23680/)\nRedHat RHSA: RHSA-2006:0713\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1197\nOther Advisory URL: http://www.us.debian.org/security/2006/dsa-1198\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0295.html\n[CVE-2006-4980](https://vulners.com/cve/CVE-2006-4980)\n", "published": "2006-08-16T21:20:09", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:29366", "cvelist": ["CVE-2006-4980"], "lastseen": "2017-04-28T13:20:25"}], "nessus": [{"id": "DEBIAN_DSA-1198.NASL", "type": "nessus", "title": "Debian DSA-1198-1 : python2.3 - buffer overflow", "description": "Benjamin C. Wiley Sittler discovered that the repr() of the Python interpreter allocates insufficient memory when parsing UCS-4 Unicode strings, which might lead to execution of arbitrary code through a buffer overflow.", "published": "2006-10-25T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=22907", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-09-26T17:24:23"}, {"id": "REDHAT-RHSA-2006-0713.NASL", "type": "nessus", "title": "RHEL 3 / 4 : python (RHSA-2006:0713)", "description": "Updated Python packages are now available to correct a security issue in Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nPython is an interpreted, interactive, object-oriented programming language.\n\nA flaw was discovered in the way that the Python repr() function handled UTF-32/UCS-4 strings. If an application written in Python used the repr() function on untrusted data, this could lead to a denial of service or possibly allow the execution of arbitrary code with the privileges of the Python application. (CVE-2006-4980)\n\nIn addition, this errata fixes a regression in the SimpleXMLRPCServer backport for Red Hat Enterprise Linux 3 that was introduced with RHSA-2005:109.\n\nUsers of Python should upgrade to these updated packages, which contain a backported patch to correct this issue.", "published": "2006-10-10T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=22525", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-12-30T02:16:13"}, {"id": "SUSE_PYTHON-2168.NASL", "type": "nessus", "title": "openSUSE 10 Security Update : python (python-2168)", "description": "A buffer overflow within python's repr() function has been fixed. The CAN number CVE-2006-4980 has been assigned to this issue.", "published": "2007-10-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=27406", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-09-26T17:25:42"}, {"id": "DEBIAN_DSA-1197.NASL", "type": "nessus", "title": "Debian DSA-1197-1 : python2.4 - buffer overflow", "description": "Benjamin C. Wiley Sittler discovered that the repr() of the Python interpreter allocates insufficient memory when parsing UCS-4 Unicode strings, which might lead to execution of arbitrary code through a buffer overflow.", "published": "2006-10-25T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=22906", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-09-26T17:23:19"}, {"id": "GENTOO_GLSA-200610-07.NASL", "type": "nessus", "title": "GLSA-200610-07 : Python: Buffer Overflow", "description": "The remote host is affected by the vulnerability described in GLSA-200610-07 (Python: Buffer Overflow)\n\n Benjamin C. Wiley Sittler discovered a buffer overflow in Python's 'repr()' function when handling UTF-32/UCS-4 encoded strings.\n Impact :\n\n If a Python application processes attacker-supplied data with the 'repr()' function, this could potentially lead to the execution of arbitrary code with the privileges of the affected application or a Denial of Service.\n Workaround :\n\n There is no known workaround at this time.", "published": "2006-10-20T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=22893", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-09-26T17:26:12"}, {"id": "MANDRAKE_MDKSA-2006-181.NASL", "type": "nessus", "title": "Mandrake Linux Security Advisory : python (MDKSA-2006:181)", "description": "A vulnerability in python's repr() function was discovered by Benjamin C. Wiley Sittler. It was found that the function did not properly handle UTF-32/UCS-4 strings, so an application that used repr() on certin untrusted data could possibly be exploited to execute arbitrary code with the privileges of the user running the python application.\n\nUpdated packages have been patched to correct this issue.", "published": "2007-02-18T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=24566", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-09-26T17:25:37"}, {"id": "SUSE_PYTHON-2167.NASL", "type": "nessus", "title": "SuSE 10 Security Update : Python (ZYPP Patch Number 2167)", "description": "A buffer overflow within python's repr() function has been fixed. The CAN number CVE-2006-4980 has been assigned to this issue.", "published": "2007-12-13T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=29559", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-09-26T17:24:35"}, {"id": "F5_BIGIP_SOL16398.NASL", "type": "nessus", "title": "F5 Networks BIG-IP : Python vulnerability (K16398)", "description": "Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts. (CVE-2006-4980)\n\nImpact\n\nAn attacker may be able to cause a denial-of-service (DoS) to the system or execute malicious code through exploited scripts.", "published": "2015-04-10T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=82673", "cvelist": ["CVE-2006-4980"], "lastseen": "2017-04-06T21:43:35"}, {"id": "FREEBSD_PKG_FE83EB5B55E111DBA5AE00508D6A62DF.NASL", "type": "nessus", "title": "FreeBSD : python -- buffer overrun in repr() for unicode strings (fe83eb5b-55e1-11db-a5ae-00508d6a62df)", "description": "Benjamin C. Wiley Sittler reports :\n\nI discovered a [buffer overrun in repr() for unicode strings]. This causes an unpatched non-debug wide (UTF-32/UCS-4) build of python to abort.\n\nUbuntu security team reports :\n\nIf an application uses repr() on arbitrary untrusted data, this [bug] could be exploited to execute arbitrary code with the privileges of the python application.", "published": "2006-10-10T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=22521", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-09-26T17:24:49"}, {"id": "ORACLELINUX_ELSA-2006-0713.NASL", "type": "nessus", "title": "Oracle Linux 3 / 4 : python (ELSA-2006-0713)", "description": "From Red Hat Security Advisory 2006:0713 :\n\nUpdated Python packages are now available to correct a security issue in Red Hat Enterprise Linux 3 and 4.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team.\n\nPython is an interpreted, interactive, object-oriented programming language.\n\nA flaw was discovered in the way that the Python repr() function handled UTF-32/UCS-4 strings. If an application written in Python used the repr() function on untrusted data, this could lead to a denial of service or possibly allow the execution of arbitrary code with the privileges of the Python application. (CVE-2006-4980)\n\nIn addition, this errata fixes a regression in the SimpleXMLRPCServer backport for Red Hat Enterprise Linux 3 that was introduced with RHSA-2005:109.\n\nUsers of Python should upgrade to these updated packages, which contain a backported patch to correct this issue.", "published": "2013-07-12T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=67414", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-09-26T17:24:30"}], "centos": [{"id": "CESA-2006:0713", "type": "centos", "title": "python, tkinter security update", "description": "**CentOS Errata and Security Advisory** CESA-2006:0713\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2006-October/013317.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-October/013318.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-October/013319.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-October/013320.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-October/013321.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-October/013322.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-October/013323.html\nhttp://lists.centos.org/pipermail/centos-announce/2006-October/013324.html\n\n**Affected packages:**\npython\npython-devel\npython-docs\npython-tools\ntkinter\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2006-0713.html", "published": "2006-10-10T08:17:55", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2006-October/013317.html", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-12-05T19:59:20"}], "freebsd": [{"id": "FE83EB5B-55E1-11DB-A5AE-00508D6A62DF", "type": "freebsd", "title": "python -- buffer overrun in repr() for unicode strings", "description": "\nBenjamin C. Wiley Sittler reports:\n\nI discovered a [buffer overrun in repr() for unicode\n\t strings]. This causes an unpatched non-debug wide\n\t (UTF-32/UCS-4) build of python to abort.\n\nUbuntu security team reports:\n\nIf an application uses repr() on arbitrary untrusted data,\n\t this [bug] could be exploited to execute arbitrary code\n\t with the privileges of the python application.\n\n", "published": "2006-08-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/fe83eb5b-55e1-11db-a5ae-00508d6a62df.html", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-09-26T17:25:05"}], "redhat": [{"id": "RHSA-2006:0713", "type": "redhat", "title": "(RHSA-2006:0713) python security update", "description": "Python is an interpreted, interactive, object-oriented programming language.\r\n\r\nA flaw was discovered in the way that the Python repr() function handled\r\nUTF-32/UCS-4 strings. If an application written in Python used the repr()\r\nfunction on untrusted data, this could lead to a denial of service or\r\npossibly allow the execution of arbitrary code with the privileges of the\r\nPython application. (CVE-2006-4980)\r\n\r\nIn addition, this errata fixes a regression in the SimpleXMLRPCServer\r\nbackport for Red Hat Enterprise Linux 3 that was introduced with RHSA-2005:109.\r\n\r\nUsers of Python should upgrade to these updated packages, which contain a\r\nbackported patch to correct this issue.", "published": "2006-10-09T04:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2006:0713", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-09-04T11:17:36"}], "gentoo": [{"id": "GLSA-200610-07", "type": "gentoo", "title": "Python: Buffer Overflow", "description": "### Background\n\nPython is an interpreted, interactive, object-oriented, cross-platform programming language. \n\n### Description\n\nBenjamin C. Wiley Sittler discovered a buffer overflow in Python's \"repr()\" function when handling UTF-32/UCS-4 encoded strings. \n\n### Impact\n\nIf a Python application processes attacker-supplied data with the \"repr()\" function, this could potentially lead to the execution of arbitrary code with the privileges of the affected application or a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Python users should update to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/python-2.4.3-r4\"", "published": "2006-10-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://security.gentoo.org/glsa/200610-07", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-09-06T19:46:13"}], "debian": [{"id": "DSA-1197", "type": "debian", "title": "python2.4 -- buffer overflow", "description": "Benjamin C. Wiley Sittler discovered that the repr() of the Python interpreter allocates insufficient memory when parsing UCS-4 Unicode strings, which might lead to execution of arbitrary code through a buffer overflow.\n\nFor the stable distribution (sarge) this problem has been fixed in version 2.4.1-2sarge1. Due to build problems this update lacks fixed packages for the m68k architecture. Once they are sorted out, binaries for m68k will be released.\n\nFor the unstable distribution (sid) this problem has been fixed in version 2.4.4-1.\n\nWe recommend that you upgrade your Python 2.4 packages.", "published": "2006-10-22T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-1197", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-09-02T18:25:58"}, {"id": "DSA-1198", "type": "debian", "title": "python2.3 -- buffer overflow", "description": "Benjamin C. Wiley Sittler discovered that the repr() of the Python interpreter allocates insufficient memory when parsing UCS-4 Unicode strings, which might lead to execution of arbitrary code through a buffer overflow.\n\nFor the stable distribution (sarge) this problem has been fixed in version 2.3.5-3sarge2. Due to build problems this update lacks fixed packages for the Alpha and Sparc architectures. Once they are sorted out, fixed binaries will be released.\n\nFor the unstable distribution (sid) this problem has been fixed in version 2.3.5-16.\n\nWe recommend that you upgrade your Python 2.3 packages.", "published": "2006-10-23T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-1198", "cvelist": ["CVE-2006-4980"], "lastseen": "2016-09-02T18:25:35"}], "ubuntu": [{"id": "USN-359-1", "type": "ubuntu", "title": "Python vulnerability", "description": "Benjamin C. Wiley Sittler discovered that Python's repr() function did \nnot properly handle UTF-32/UCS-4 strings. If an application uses \nrepr() on arbitrary untrusted data, this could be exploited to execute \narbitrary code with the privileges of the python application.", "published": "2006-10-06T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.ubuntu.com/usn/usn-359-1", "cvelist": ["CVE-2006-4980"], "lastseen": "2017-05-01T08:28:54"}]}}