MiracleLinux 4 : python27-python-2.7.8-18.0.1.AXS4.AXS4 (AXSA:2016-643:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-643:01 advisory. Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes,...

Amazon Linux: Security Advisory (ALAS-2014-440)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 21 : python-2.7.8-8.fc21 (2015-6003)

Security fix for CVE-2013-1752 multiple unbound readline DoS flaws in python stdlib following fixes which all relates to this CVE are in this patch : - poplib: limit maximum line length that we read from the network 16041 - smtplib: limit amount read from the network 16042 Note that Tenable Netwo...

Mandriva Linux Security Advisory : python (MDVSA-2014:197)

Updated python packages fix security vulnerability : Python before 2.7.8 is vulnerable to an integer overflow in the buffer type CVE-2014-7185. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandriva Linux Security...

CVE-2014-7185

Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function...

python2: Information leakage through integer overflow

It was reported that Python 2.7.8 fixes a potential wraparound in buffer with possible CWE-200 implications. This could allow an attacker to access private information through information leakage. PoC: --- overflow.py --- import sys a = bytearray'here be dragons' b = buffera, sys.maxsize,...