EUVD-2010-1655

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2010-2089

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent...

Linux Distros Unpatched Vulnerability : CVE-2010-1634

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service...

Oracle Linux 5 : python (ELSA-2011-0027)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0027 advisory. - Resolves: CVE-2010-1634 CVE-2010-2089 - Related: CVE-2008-5983 - Rework rgbimgmodule fix for CVE-2008-3143 - Resolves: rhbz644425 CVE-2009-4134...

SUSE CVE-2010-1634

Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service application crash via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a...

SUSE CVE-2010-2089

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service memory corruption and application crash via crafted arguments, as demonstrated by a call to...

Arbitrary Code Execution

python is vulnerable to arbitrary code execution. The vulnerability exists as multiple flaws were found in the Python audioop module. Supplying certain inputs could cause the audioop module to crash or, possibly, execute arbitrary code...

Arbitrary Code Execution

python is vulnerable to arbitrary code execution. Multiple flaws were found in the Python audioop module. Supplying certain inputs could cause the audioop module to crash or, possibly, execute arbitrary code...

Multiple memory corruption vulnerabilities in Python 'Modules\audioop.c'

Python is an open source, object-oriented programming language. Multiple memory corruption vulnerabilities in Python 'Modules\audioop.c' allow remote attackers to exploit the vulnerability by submitting a special request to disclose arbitrary memory...

Python 3.6 audioop.lin2adpcm / audioop.adpcm2lin Buffer Over-Read Vulnerabilities

Exploit for python platform in category remote exploits Title: Python 2.7 and 3.4 to 3.6 audioop.adpcm2lin Buffer Over-read Credit: John Leitch email protected Url1: http://autosectools.com/Page/Python-audioop-adpcm2lin-Buffer-Over-read Url2: http://bugs.python.org/issue24456 Resolution: Fixed Th...

Oracle Solaris Third-Party Patch Update : python (cve_2010_1634_integer_overflow)

The remote Solaris system is missing necessary patches to address security updates : - Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service application crash via a large fragment, as...

ESXi 5.0 < Build 608089 Multiple Vulnerabilities (remote check)

The remote VMware ESXi 5.0 host is affected by multiple vulnerabilities : - A denial of service vulnerability exists in the big2toUtf8 function in file lib/xmltok.c in the libexpat library. A remote attacker can exploit this, via an XML document having malformed UTF-8 sequences, to cause a buffer...

Ubuntu Update for python3.1 USN-1616-1

Ubuntu Update for Linux kernel vulnerabilities USN-1616-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16161.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for python3.1 USN-1616-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Th...

Ubuntu 10.04 LTS / 11.04 : python3.1 vulnerabilities (USN-1616-1)

It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. This issue only affected Ubuntu 10.04 LTS. CVE-2008-5983 It was discovered that th...

Ubuntu 8.04 LTS : python2.4 vulnerabilities (USN-1613-2)

USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4. It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit thi...

Ubuntu 8.04 LTS : python2.5 vulnerabilities (USN-1613-1)

It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. CVE-2008-5983 It was discovered that the audioop module did not correctly perform...

USN-1613-2: Python 2.4 vulnerabilities

USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4. Original advisory details: It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working...

USN-1596-1: Python 2.6 vulnerabilities

It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. CVE-2008-5983 It was discovered that the audioop module did not correctly perform...

Scientific Linux Security Update : python on SL4.x, SL5.x i386/x86_64

A flaw was found in the Python urllib and urllib2 libraries where they would not differentiate between different target URLs when handling automatic redirects. This caused Python applications using these modules to follow any new URL that they understood, including the 'file://' URL type. This...

Scientific Linux Security Update : python on SL5.x i386/x86_64

It was found that many applications embedding the Python interpreter did not specify a valid full path to the script or application when calling the PySysSetArgv API function, which could result in the addition of the current working directory to the module search path sys.path. A local attacker...