Linux Distros Unpatched Vulnerability : CVE-2011-4940

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The listdirectory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not plac...

Oracle: Security Advisory (ELSA-2012-0744)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2012-98)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VMSA-2012-0016 : VMware security updates for vSphere API and ESX Service Console

a. VMware vSphere API denial of service vulnerability The VMware vSphere API contains a denial of service vulnerability. This issue allows an unauthenticated user to send a maliciously crafted API request and disable the host daemon. Exploitation of the issue would prevent management activities o...

Ubuntu Update for python2.5 USN-1613-1

Ubuntu Update for Linux kernel vulnerabilities USN-1613-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16131.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for python2.5 USN-1613-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Th...

Ubuntu: Security Advisory (USN-1613-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-1596-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1596-1: Python 2.6 vulnerabilities

It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. CVE-2008-5983 It was discovered that the audioop module did not correctly perform...

[ MDVSA-2012:096-1 ] python

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:096-1 http://www.mandriva.com/security/ Package : python Date : July 2, 2012 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in python: The ssl...

CVE-2011-4940

The listdirectory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting XSS...

CVE-2011-4940

In CVE-2011-4940, the list_directory function in Lib/SimpleHTTPServer.py used by Python’s SimpleHTTPServer does not add a charset parameter in the Content-Type header. This enables cross-site scripting (XSS) in Internet Explorer 7 via UTF-7 encoding. Affected are Python SimpleHTTPServer implement...

CVE-2011-4940

The listdirectory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting XSS...

CVE-2012-2639

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4940. Reason: This candidate is a reservation duplicate of CVE-2011-4940. Notes: All CVE users should reference CVE-2011-4940 instead of this candidate. All references and descriptions in this candidate have been removed to...

Mandriva Update for python MDVSA-2012:096 (python)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS 6 : python (CESA-2012:0744)

Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CentOS 5 : python (CESA-2012:0745)

Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

RedHat Update for python RHSA-2012:0745-01

Check for the Version of python OpenVAS Vulnerability Test RedHat Update for python RHSA-2012:0745-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

RHEL 5 : python (RHSA-2012:0745)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0745 advisory. - python: potential XSS in SimpleHTTPServer's listdirectory CVE-2011-4940 - python: distutils creates /.pypirc insecurely CVE-2011-4944 -...

python, tkinter security update

CentOS Errata and Security Advisory CESA-2012:0744 Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...

python security update

2.4.3-46.el58.2 - if hash randomization is enabled, also enable it within pyexpat Resolves: CVE-2012-0876 2.4.3-46.el58.1 - distutils.commands.register: create /.pypirc securely Resolves: CVE-2011-4944 - send encoding in SimpleHTTPServer.listdirectory to protect IE7 against potential XSS attacks...