[SECURITY] Fedora 14 Update: python-feedparser-5.0.1-1.fc14

Universal Feed Parser is a Python module for downloading and parsing syndicated feeds. It can handle RSS 0.90, Netscape RSS 0.91, Userland RSS 0.91, RSS 0.92, RSS 0.93, RSS 0.94, RSS 1.0, RSS 2.0, Atom 0.3, Atom 1.0, and CDF feeds. It also parses several popular extension modules, including Dubli...

[SECURITY] Fedora 15 Update: python-feedparser-5.0.1-1.fc15

Universal Feed Parser is a Python module for downloading and parsing syndicated feeds. It can handle RSS 0.90, Netscape RSS 0.91, Userland RSS 0.91, RSS 0.92, RSS 0.93, RSS 0.94, RSS 1.0, RSS 2.0, Atom 0.3, Atom 1.0, and CDF feeds. It also parses several popular extension modules, including Dubli...

CVE-2010-3492

The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to condu...

Security fix for the ALT Linux 5 package python-module-mako version 0.2.5-alt1.M51.1

Oct. 2, 2010 Vladimir Lettiev 0.2.5-alt1.M51.1 - Fixed CVE-2010-2480 - XSS via inadequate escaping patch from ubuntu + lib/mako/filters.py: use xml.sax.saxutils.escape instead of cgi.escape so we can escape single quotes...

CVE-2010-2089

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service memory corruption and application crash via crafted arguments, as demonstrated by a call to...

Mandriva Security Advisory MDVSA-2009:341 (dstat)

The remote host is missing an update to dstat announced via advisory MDVSA-2009:341. OpenVAS Vulnerability Test $Id: mdksa2009341.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:341 dstat Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

TLS Renegotiation Vulnerability: Proof of Concept Code (Python)

Information about a vulnerability in the TLS protocol was published in the beginning of November 2009. Attackers can take advantage of that vulnerability to inject arbitrary prefixes into a network connection protected by TLS. This can result in severe vulnerabilities, depending on the applicatio...

dstat security update

CentOS Errata and Security Advisory CESA-2009:1619 An updated dstat package that fixes one security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Dstat is a versatile replacement for the...

Dstat sys.path搜索路径本地权限提升漏洞

BUGTRAQ ID: 37131 CVECAN ID: CVE-2009-3894,CVE-2009-4081 Dstat是vmstat、iostat和netstat工具的多功能替代品，可用于性能调节测试、基准和故障排除等方面。 dstat在sys.path中包含有当前工作目录和profile子目录。如果本地用户在攻击者可写的目录（如/tmp）中运行了dstat且攻击者在该目录中放置了某些Python模块（如getopt.py），就可以导致以运行dstat用户的权限执行任意代码。 Dag Wiers dstat 0.6.9 厂商补丁： RedHat ------...

RedHat Security Advisory RHSA-2009:1619

The remote host is missing updates announced in advisory RHSA-2009:1619. Dstat is a versatile replacement for the vmstat, iostat, and netstat tools. Dstat can be used for performance tuning tests, benchmarks, and troubleshooting. Robert Buchholz of the Gentoo Security Team reported a flaw in the...

RHEL 5 : dstat (RHSA-2009:1619)

An updated dstat package that fixes one security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Dstat is a versatile replacement for the vmstat, iostat, and netstat tools. Dstat can be use...

Moderate: Red Hat Security Advisory: dstat security update

An updated dstat package that fixes one security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Dstat is a versatile replacement for the vmstat, iostat, and netstat tools. Dstat can be use...

DEBIAN-CVE-2009-3894

Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in 1 the current working directory or 2 a certain subdirectory of the current working directory...

CVE-2009-4081

Untrusted search path vulnerability in dstat before r3199 allows local users to gain privileges via a Trojan horse Python module in the current working directory, a different vulnerability than CVE-2009-3894...

CVE-2009-4081

Untrusted search path vulnerability in dstat before r3199 allows local users to gain privileges via a Trojan horse Python module in the current working directory, a different vulnerability than CVE-2009-3894...

Design/Logic Flaw

Untrusted search path vulnerability in dstat before r3199 allows local users to gain privileges via a Trojan horse Python module in the current working directory, a different vulnerability than CVE-2009-3894...

CVE-2009-3894

Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in 1 the current working directory or 2 a certain subdirectory of the current working directory...

Design/Logic Flaw

Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in 1 the current working directory or 2 a certain subdirectory of the current working directory...

CVE-2009-4081

Technical details for CVE-2009-4081 are not publicly available in the provided documents; the materials reference CVE-2009-3894 but do not supply affected product/version/root cause for CVE-2009-4081. Monitor for updates.

CVE-2009-3894

Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in 1 the current working directory or 2 a certain subdirectory of the current working directory...