Mandriva Linux Security Advisory : pycrypto (MDVSA-2009:049-1)

A vulnerability have been discovered and corrected in PyCrypto ARC2 module 2.0.1, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length CVE-2009-0544. The updated packages have been patched to prevent this. Update : The previous...

Mandriva Linux Security Advisory : python-pycrypto (MDVSA-2009:050-1)

A vulnerability have been discovered and corrected in PyCrypto ARC2 module 2.0.1, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length CVE-2009-0544. The updated packages have been patched to prevent this. Update : The previous...

Gentoo Security Advisory GLSA 200903-11 (pycrypto)

The remote host is missing updates announced in advisory GLSA 200903-11. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200903-11 (pycrypto)

The remote host is missing updates announced in advisory GLSA 200903-11. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

GLSA-200903-11 : PyCrypto: Execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200903-11 PyCrypto: Execution of arbitrary code Mike Wiacek of the Google Security Team reported a buffer overflow in the ARC2 module when processing a large ARC2 key length. Impact : A remote attacker could entice a user or...

PyCrypto: Execution of arbitrary code

Background PyCrypto is the Python Cryptography Toolkit. Description Mike Wiacek of the Google Security Team reported a buffer overflow in the ARC2 module when processing a large ARC2 key length. Impact A remote attacker could entice a user or automated system to decrypt an ARC2 stream in an...

Mandrake Security Advisory MDVSA-2009:049 (pycrypto)

The remote host is missing an update to pycrypto announced via advisory MDVSA-2009:049. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Mandrake Security Advisory MDVSA-2009:050 (python-pycrypto)

The remote host is missing an update to python-pycrypto announced via advisory MDVSA-2009:050. OpenVAS Vulnerability Test $Id: mdksa2009050.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:050 python-pycrypto Authors: Thomas Reinke Copyright: Copyrigh...

Mandrake Security Advisory MDVSA-2009:050-1 (python-pycrypto)

The remote host is missing an update to python-pycrypto announced via advisory MDVSA-2009:050-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Mandrake Security Advisory MDVSA-2009:050 (python-pycrypto)

The remote host is missing an update to python-pycrypto announced via advisory MDVSA-2009:050. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only O...

Mandrake Security Advisory MDVSA-2009:050-1 (python-pycrypto)

The remote host is missing an update to python-pycrypto announced via advisory MDVSA-2009:050-1. OpenVAS Vulnerability Test $Id: mdksa20090501.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:050-1 python-pycrypto Authors: Thomas Reinke Copyright:...

Mandrake Security Advisory MDVSA-2009:049 (pycrypto)

The remote host is missing an update to pycrypto announced via advisory MDVSA-2009:049. OpenVAS Vulnerability Test $Id: mdksa2009049.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:049 pycrypto Authors: Thomas Reinke Copyright: Copyright c 2009 E-Sof...

Mandrake Security Advisory MDVSA-2009:049-1 (pycrypto)

The remote host is missing an update to pycrypto announced via advisory MDVSA-2009:049-1. OpenVAS Vulnerability Test $Id: mdksa20090491.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:049-1 pycrypto Authors: Thomas Reinke Copyright: Copyright c 2009...

Mandrake Security Advisory MDVSA-2009:049-1 (pycrypto)

The remote host is missing an update to pycrypto announced via advisory MDVSA-2009:049-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

PyCrypto python module DoS

DoS on ARC2 key processing...

[ MDVSA-2009:050-1 ] python-pycrypto

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2009:050-1 http://www.mandriva.com/security/ Package : python-pycrypto Date : February 23, 2009 Affected: 2009.0 Problem Description: A vulnerability have been discovered and corrected in PyCrypto ARC2 module...

PyCrypto ARC2模块缓冲区溢出漏洞

BUGTRAQ ID: 33674 CVECAN ID: CVE-2009-0544 PyCrypto是使用Python编写的加密工具包。 PyCrypto的ARC2模块中存在缓冲区溢出漏洞，如果远程攻击者在发送的请求中包含有超长的ARC2密钥长度的话，就可以触发这个溢出，导致拒绝服务或执行任意指令。 Dwayne C. Litzenberger PyCrypto 2.0.x 厂商补丁： Dwayne C. Litzenberger ---------------------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

FreeBSD Ports: py-pycrypto

The remote host is missing an update to the system as announced in the referenced advisory. VID 5a021595-fba9-11dd-86f3-0030843d3802 OpenVAS Vulnerability Test $ Description: Auto generated from VID 5a021595-fba9-11dd-86f3-0030843d3802 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

FreeBSD Ports: py-pycrypto

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD : pycrypto -- ARC2 module buffer overflow (5a021595-fba9-11dd-86f3-0030843d3802)

Dwayne C. Litzenberger reports : pycrypto is exposed to a buffer overflow issue because it fails to adequately verify user-supplied input. This issue resides in the ARC2 module. This issue can be triggered with specially crafted ARC2 keys in excess of 128 bytes. %NASLMINLEVEL 70300 C Tenable...