Linux Distros Unpatched Vulnerability : CVE-2012-1150

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collision...

SUSE: Security Advisory (SUSE-SU-2012:0565-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2012:0985-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2012:0642-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2012-0744)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2012-98)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Solaris Third-Party Patch Update : python (multiple_vulnerabilities_in_python) (BEAST)

The remote Solaris system is missing necessary patches to address security updates : - The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained...

Code injection

Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictably and makes it easier for context-dependent attackers to cause a denial of service CPU consumptio...

GLSA-201401-04 : Python: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201401-04 Python: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly cause a Denial of Servic...

VMSA-2012-0016 : VMware security updates for vSphere API and ESX Service Console

a. VMware vSphere API denial of service vulnerability The VMware vSphere API contains a denial of service vulnerability. This issue allows an unauthenticated user to send a maliciously crafted API request and disable the host daemon. Exploitation of the issue would prevent management activities o...

Splunk 4.3.x Denial Of Service

Splunk version 4.3.x suffers from a denial of service hash table vulnerability. Vendors: Splunk Inc., http://www.splunk.com Product: Splunk 4.3.x + possibly earlier versions Vulnerability: Unauth. remote denial of service against splunkweb Tracking IDs: CVE-2012-1150 SPL-53249 Vendor communicatio...

Ubuntu: Security Advisory (USN-1616-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Update for python3.1 USN-1616-1

Ubuntu Update for Linux kernel vulnerabilities USN-1616-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16161.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for python3.1 USN-1616-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Th...

USN-1616-1: Python 3.1 vulnerabilities

It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. This issue only affected Ubuntu 10.04 LTS. CVE-2008-5983 It was discovered that th...

USN-1615-1: Python 3.2 vulnerabilities

It was discovered that Python distutils contained a race condition when creating the /.pypirc file. A local attacker could exploit this to obtain sensitive information. CVE-2011-4944 It was discovered that SimpleXMLRPCServer did not properly validate its input when handling HTTP POST requests. A...

Python哈希冲突拒绝服务漏洞(CVE-2012-1150)

CVE ID: CVE-2012-1150 Python是一种面向对象、直译式计算机程序设计语言。 Python 2.6.8之前版本、2.7.x、3.x、3.2.x版本计算哈希值时没有预先限制哈希冲突，可允许攻击者通过向包含哈希表的应用发送特制的应用支持拒绝服务。 0 python 2.6.8 厂商补丁： Python ------ 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： www.python.org...

CVE-2012-1150

Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application...

CVE-2012-1150

CVE-2012-1150 affects Python: affected ranges are Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3. Root cause is computing hash values without restricting predictable collisions, enabling context-dependent attackers to trigger DoS via crafted input to hash-table–...

Ubuntu: Security Advisory (USN-1596-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1596-1: Python 2.6 vulnerabilities

It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. CVE-2008-5983 It was discovered that the audioop module did not correctly perform...