EUVD-2010-1655

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2010-2089

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent...

Linux Distros Unpatched Vulnerability : CVE-2010-1634

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service...

Oracle Linux 5 : python (ELSA-2011-0027)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-0027 advisory. - Resolves: CVE-2010-1634 CVE-2010-2089 - Related: CVE-2008-5983 - Rework rgbimgmodule fix for CVE-2008-3143 - Resolves: rhbz644425 CVE-2009-4134...

Arbitrary Code Execution

python is vulnerable to arbitrary code execution. Multiple flaws were found in the Python audioop module. Supplying certain inputs could cause the audioop module to crash or, possibly, execute arbitrary code...

Multiple memory corruption vulnerabilities in Python 'Modules\audioop.c'

Python is an open source, object-oriented programming language. Multiple memory corruption vulnerabilities in Python 'Modules\audioop.c' allow remote attackers to exploit the vulnerability by submitting a special request to disclose arbitrary memory...

Oracle Solaris Third-Party Patch Update : python (cve_2010_1634_integer_overflow)

The remote Solaris system is missing necessary patches to address security updates : - Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service application crash via a large fragment, as...

ESXi 5.0 < Build 608089 Multiple Vulnerabilities (remote check)

The remote VMware ESXi 5.0 host is affected by multiple vulnerabilities : - A denial of service vulnerability exists in the big2toUtf8 function in file lib/xmltok.c in the libexpat library. A remote attacker can exploit this, via an XML document having malformed UTF-8 sequences, to cause a buffer...

Ubuntu Update for python3.1 USN-1616-1

Ubuntu Update for Linux kernel vulnerabilities USN-1616-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16161.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for python3.1 USN-1616-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Th...

Ubuntu 10.04 LTS / 11.04 : python3.1 vulnerabilities (USN-1616-1)

It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. This issue only affected Ubuntu 10.04 LTS. CVE-2008-5983 It was discovered that th...

Ubuntu 8.04 LTS : python2.4 vulnerabilities (USN-1613-2)

USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4. It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit thi...

Ubuntu 8.04 LTS : python2.5 vulnerabilities (USN-1613-1)

It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. CVE-2008-5983 It was discovered that the audioop module did not correctly perform...

USN-1613-2: Python 2.4 vulnerabilities

USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4. Original advisory details: It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working...

Scientific Linux Security Update : python on SL5.x i386/x86_64

It was found that many applications embedding the Python interpreter did not specify a valid full path to the script or application when calling the PySysSetArgv API function, which could result in the addition of the current working directory to the module search path sys.path. A local attacker...

RHEL 4 : python (RHSA-2011:0491)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0491 advisory. Python is an interpreted, interactive, object-oriented programming language. A flaw was found in the Python urllib and urllib2 libraries whe...

python, tkinter security update

CentOS Errata and Security Advisory CESA-2011:0491 Updated python packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...

SuSE 11.1 Security Update : Python (SAT Patch Number 3493)

The following issues have been fixed : - a race condition in the accept implementation of smtpd.py could lead to a denial of service. CVE-2010-3493 - integer overflows and insufficient size checks could crash the audioop module. CVE-2010-2089 / CVE-2010-1634 %NASLMINLEVEL 70300 C Tenable Network...

python security, bug fix, and enhancement update

2.4.3-43 - add missing patch 206 Related: rhbz549372 2.4.3-42 - fix testpyclbr to match the urllib change in patch 204 patch 206 - allow the 'noproxy' environment variable to override 'ftpproxy' in urllib2 patch 207 - fix typos in names of patches 204 and 205 Related: rhbz549372 2.4.3-41 - backpo...

Python: Memory corruption in audioop module

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service memory corruption and application crash via crafted arguments, as demonstrated by a call to...

Low: Red Hat Security Advisory: python security, bug fix, and enhancement update

Updated python packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which...