GoogleOSV:DSA-2880-1

HistoryMar 17, 2014 - 12:00 a.m.

python2.7 - security update

2014-03-1700:00:00

Google

osv.dev

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

Multiple security issues were discovered in Python:

CVE-2013-4238
Ryan Sleevi discovered that NULL characters in the subject alternate
names of SSL cerficates were parsed incorrectly.
CVE-2014-1912
Ryan Smith-Roberts discovered a buffer overflow in the
socket.recvfrom_into() function.

For the stable distribution (wheezy), these problems have been fixed in
version 2.7.3-6+deb7u2.

For the unstable distribution (sid), these problems have been fixed in
version 2.7.6-7.

We recommend that you upgrade your python2.7 packages.

CPENameOperatorVersion
python2.7eq2.7.3-6+deb7u1
python2.7eq2.7.3-6

CPE	Name	Operator	Version
	python2.7	eq	2.7.3-6+deb7u1
	python2.7	eq	2.7.3-6

References

www.debian.org/security/2014/dsa-2880

nessus 56

openvas 48

debian 2

osv 3

zdt 1

seebug 3

exploitpack 1

fedora 12

securityvulns 6

prion 3

ubuntucve 2

cve 3

debiancve 2

ubuntu 5

freebsd 1

amazon 4

oraclelinux 3

redhat 4

centos 2

exploitdb 1

mageia 3

f5 3

veracode 6

ibm 4

gentoo 1

vmware 2

suse 1

rosalinux 1

oracle 1

nessus

Debian DSA-2880-1 : python2.7 - security update

2014-03-18 00:00:00

openSUSE Security Update : python (openSUSE-SU-2014:0380-1)

2014-06-13 00:00:00

Mandriva Linux Security Advisory : python (MDVSA-2014:041)

2014-02-20 00:00:00

openvas

Debian Security Advisory DSA 2880-1 (python2.7 - security update)

2014-03-17 00:00:00

Debian Security Advisory DSA 2880-1 (python2.7 - security update)

2014-03-17 00:00:00

Fedora Update for python3 FEDORA-2014-2418

2014-02-17 00:00:00

debian

[SECURITY] [DSA 2880-1] python2.7 security update

2014-03-17 18:07:37

[DLA 25-1] python2.6 security update

2014-07-31 21:07:32

osv

python2.6 - regression update

2014-07-31 00:00:00

python2.6 - regression update

2014-07-31 00:00:00

python2.6 - security update

2014-07-31 00:00:00

zdt

Python socket.recvfrom_into() remote buffer overflow exploit

2014-02-23 00:00:00

seebug

Python "sock_recvfrom_into()" 缓冲区溢出漏洞

2014-02-25 00:00:00

Python socket.recvfrom_into() - Remote Buffer Overflow

2014-07-01 00:00:00

Python多个安全漏洞

2013-12-30 00:00:00

exploitpack

Python - socket.recvfrom_into() Remote Buffer Overflow

2014-02-24 00:00:00

fedora

[SECURITY] Fedora 20 Update: python-2.7.5-10.fc20

2014-02-14 07:51:33

[SECURITY] Fedora 20 Update: python3-3.3.2-9.fc20

2014-02-15 07:05:19

[SECURITY] Fedora 19 Update: python-2.7.5-4.fc19

2013-08-24 22:27:19

securityvulns

[ MDVSA-2014:041 ] python

2014-03-03 00:00:00

Python buffer overflow

2014-03-03 00:00:00

Python SSL certificate check bypass

2013-10-02 00:00:00

prion

Buffer overflow

2014-03-01 00:55:00

Design/Logic Flaw

2013-08-18 02:52:00

Design/Logic Flaw

2013-08-27 03:34:00

ubuntucve

CVE-2014-1912

2014-02-21 00:00:00

CVE-2013-4238

2013-08-17 00:00:00

cve

CVE-2014-1912

2014-03-01 00:55:00

CVE-2013-4238

2013-08-18 02:52:00

CVE-2013-4328

2013-08-27 03:34:00

debiancve

CVE-2014-1912

2014-03-01 00:55:00

CVE-2013-4238

2013-08-18 02:52:00

ubuntu

Python vulnerability

2014-03-03 00:00:00

Python 2.6 vulnerability

2013-10-01 00:00:00

Python 3.3 vulnerabilities

2013-10-01 00:00:00

freebsd

Python -- buffer overflow in socket.recvfrom_into()

2014-01-14 00:00:00

amazon

Medium: python27

2014-02-26 14:28:00

Medium: python26

2014-02-26 14:28:00

Medium: python27

2013-09-04 13:31:00

oraclelinux

python security, bug fix, and enhancement update

2013-11-26 00:00:00

python security, bug fix, and enhancement update

2015-07-28 00:00:00

python27 security, bug fix, and enhancement update

2016-02-04 00:00:00

redhat

(RHSA-2013:1582) Moderate: python security, bug fix, and enhancement update

2013-11-21 00:00:00

(RHSA-2015:1330) Moderate: python security, bug fix, and enhancement update

2015-07-22 00:00:00

(RHSA-2015:1064) Moderate: python27 security, bug fix, and enhancement update

2015-06-04 00:00:00

centos

python, tkinter security update

2013-11-26 13:32:42

python, tkinter security update

2015-07-26 14:11:19

exploitdb

Python - 'socket.recvfrom_into()' Remote Buffer Overflow

2014-02-24 00:00:00

mageia

Updated python & python3 packages fix multiple vulnerabilities

2014-02-20 01:24:08

Updated python3, bzr and some python packages fix security vulnerabilties

2013-08-22 21:58:14

Updated python packages fix CVE-2013-4328 and pip

2013-08-17 12:43:24

K93278412 : Python and Jython vulnerabilities CVE-2014-1912 and CVE-2014-4650

2017-07-21 00:00:00

SOL15638 - Python vulnerability CVE-2013-4238

2014-09-29 00:00:00

K15638 : Python vulnerability CVE-2013-4238

2014-10-17 00:00:00

veracode

Man-in-the-Middle (MitM)

2019-01-15 08:51:35

Improper Input Validation

2019-05-02 05:39:24

Sensitive Information Leakage

2019-05-02 05:39:25

ibm

Security Bulletin: Python vulnerabilities affect IBM SmartCloud Entry (CVE-2013-1752 CVE-2014-1912 CVE-2014-4650 CVE-2014-7185)

2020-07-19 00:49:12

Security Bulletin: Docker and Python as used in IBM QRadar SIEM is vulnerable to various CVEs.

2018-06-16 22:01:04

Security Bulletin: Multiple Vulnerabilities in python 2.6.4 used in OS Image for AIX shipped with IBM Cloud Pak System

2020-05-06 11:57:04

gentoo

Python: Multiple vulnerabilities

2015-03-18 00:00:00

vmware

VMware vSphere product updates address security vulnerabilities

2014-12-04 00:00:00

VMware vSphere product updates address security vulnerabilities

2014-12-04 00:00:00

suse

Security update for python3 (important)

2020-01-21 00:00:00

rosalinux

Advisory ROSA-SA-2021-1957

2021-07-02 18:03:40

oracle

Oracle Critical Patch Update Advisory - July 2017

2018-03-20 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

Related for OSV:DSA-2880-1