26 matches found
Security Bulletin: Vulnerabilities exists in IBM Netezza Analytics - NPS Product
Summary Vulnerabilities exist in IBM Netezza Analytics - NPS product are addressed in version 11.2.29 Vulnerability Details CVEID:CVE-2024-6345 DESCRIPTION: pypa/setuptools could allow a remote attacker to execute arbitrary code on the system, caused by an error in the packageindex module. By...
Important: python-crypto
Issue Overview: Heap-based buffer overflow in the ALGnew function in blocktemplace.c in Python Cryptography Toolkit aka pycrypto allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py. CVE-2013-7459 Affected Packages: python-crypto Note: This...
Amazon Linux 2 : python-crypto (ALASANSIBLE2-2024-011)
It is, therefore, affected by a vulnerability as referenced in the ALAS2ANSIBLE2-2024-011 advisory. Heap-based buffer overflow in the ALGnew function in blocktemplace.c in Python Cryptography Toolkit aka pycrypto allows remote attackers to execute arbitrary code as demonstrated by a crafted iv...
Security Bulletin: Vulnerability in pycrypto-2.6.1.tar.gz affects IBM Integrated Analytics System [CVE-2013-7459, CVE-2018-6594]
Summary The pycrypto-2.6.1.tar.gz package is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable vulnerability CVE-2013-7459, CVE-2018-6594. Vulnerability Details CVEID:CVE-2013-7459 DESCRIPTION: PyCrypto is vulnerable to a heap-based buffer...
SUSE: Security Advisory (SUSE-SU-2017:1744-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.6.0 : python-crypto (EulerOS-SA-2020-1996)
According to the versions of the python-crypto package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Heap-based buffer overflow in the ALGnew function in blocktemplace.c in Python Cryptography Toolkit aka pycrypto...
Huawei EulerOS: Security Advisory for python-crypto (EulerOS-SA-2018-1168)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Photon OS 1.0: Pycrypto PHSA-2017-0026
An update of the pycrypto package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0026. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121720;...
Photon OS 1.0: Openjre PHSA-2017-0026
An update of the openjre package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0026. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121719;...
aacrgenie (>=9.0.0 <=12.5.0), aalam-common (=0.1.78) +549 more potentially affected by CVE-2013-7459 via pycrypto (>=2.4.1 <=2.6.1)
pycrypto PYPI version =2.4.1, =9.0.0, =0.0.8, =1.1.3, =1.0.1, =3.4.0, =0.4.0b0, =3.0.0b1, =0.0.2, =0.0.1, =1.0.0, =0.0.4, =0.3.1 and more Source cves: CVE-2013-7459 Source advisory: OSV:GHSA-CQ27-V7XP-C356...
EulerOS 2.0 SP3 : python-crypto (EulerOS-SA-2018-1168)
According to the version of the python-crypto package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Heap-based buffer overflow in the ALGnew function in blocktemplace.c in Python Cryptography Toolkit aka pycrypto allows remote attackers to...
Security Bulletin: A vulnerability in PyCrypto affects PowerKVM
Summary PowerKVM is affected by a vulnerability in python-crypto PyCrypto. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2013-7459 DESCRIPTION: PyCrypto is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the ALGnew function in...
SUSE-SU-2017:2350-1 Security update for python-pycrypto
This update for python-pycrypto fixes the following issues: - CVE-2013-7459: Fixed a potential heap buffer overflow in ALGnew bsc1017420. python-paramiko was adjusted to work together with this python-pycrypto change. bsc1047666...
SUSE SLES11 Security Update : python-pycrypto (SUSE-SU-2017:1744-1)
This update for python-pycrypto fixes the following issues : - CVE-2013-7459: Fixed a potential heap buffer overflow in ALGnew bsc1017420. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...
SUSE-SU-2017:1744-1 Security update for python-pycrypto
This update for python-pycrypto fixes the following issues: - CVE-2013-7459: Fixed a potential heap buffer overflow in ALGnew bsc1017420...
Important: python-crypto
Issue Overview: A heap-buffer overflow vulnerability was discovered in cryptopp. This vulnerability can be used to remotely gain access to shell. Affected Packages: python-crypto Issue Correction: Run yum update python-crypto or yum update --advisory ALAS-2017-801 to update your system.Run yum...
CVE-2013-7459
CVE-2013-7459 is a heap-based buffer overflow in the ALGnew function of block_templace.c in Python Cryptography Toolkit (pycrypto). An attacker could trigger arbitrary code execution by supplying a crafted iv to cryptmsg.py. IBM and Amazon Linux advisories corroborate the vulnerability in pycrypt...
CVE-2013-7459
Removed by vendor...
UBUNTU-CVE-2013-7459
Heap-based buffer overflow in the ALGnew function in blocktemplace.c in Python Cryptography Toolkit aka pycrypto allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py...
Fedora 25 : python-crypto (2017-7c569d396b)
A heap-buffer overflow vulnerability was discovered in pycrypto leading to arbitrary code execution. All users of pycrypto's AES module that allow the mode of operation to be specified by an attacker, check for ECB explicitly and create the objects without specifying an IV are vulnerable to this...