110 matches found
[SECURITY] [DLA 989-1] jython security update
Package: jython; Version: 2.5.2-1+deb7u1; CVE ID: CVE-2016-4000; Debian Bug: 864859. Alvaro Munoz and Christian Schneider discovered that Jython, an implementation of the Python language seamlessly integrated with Java, would execute arbitrary code when deserializing objects. For Debian 7 "Wheezy...
DLA-989-1 jython - security update
Bulletin has no description...
Remote Code Execution (RCE)
Jython is vulnerable to remote code execution (RCE). A malicious user can send a serialized pyfunction object to the system that, when deserialized, causes arbitrary code to be executed...
[SECURITY] Fedora 25 Update: python-PyMySQL-0.7.10-10.fc25
This package contains a pure-Python MySQL client library. The goal of PyMySQL is to be a drop-in replacement for MySQLdb and work on CPython, PyPy, IronPython and Jython...
Red Hat JBoss Operations Network Java Object Deserialization RCE
The remote Red Hat JBoss Operations Network server is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Jython library. An unauthenticated, remote attacker can exploit this, by sending specially crafted Java objects to the HTT...
Fedora Update for jython FEDORA-2015-5938
The remote host is missing an update for the...
SQLiPy - Plugin for Burp Suite that integrates SQLMap using the SQLMap API
SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API. SQLMap comes with a RESTful based server that will execute SQLMap scans. This plugin can start the API for you or connect to an already running API to perform a scan. Requirements Jython 2.7 beta, due to the use...
Autorize - Automatic Authorization Enforcement Detection (Extension for Burp Suite)
Autorize is an automatic authorization enforcement detection extension for Burp Suite. It was written in Python by Barak Tawily, an application security expert at AppSec Labs. Autorize was designed to help security testers by performing automatic authorization tests. Installation 1. Download Burp...
Fedora 22 : jline-2.12.1-1.fc22 / jnr-posix-3.0.9-3.fc22 / jython-2.7-0.7.rc2.fc22 (2015-5938)
Security fix for CVE-2013-1752 and update to latest upstream release of jython.
[SECURITY] Fedora 22 Update: jython-2.7-0.7.rc2.fc22
Jython is an implementation of the high-level, dynamic, object-oriented language Python seamlessly integrated with the Java platform. The predecessor to Jython, JPython, is certified as 100% Pure Java. Jython is freely available for both commercial and non-commercial use and is distributed with...
[ MDVSA-2015:158 ] jython
Mandriva Linux Security Advisory MDVSA-2015:158 (http://www.mandriva.com/en/support/security/). Package: jython; Date: March 29, 2015; Affected: Business Server 2.0. Problem Description: Updated jython packages fix security vulnerability: There are server...
Jython weak permissions
Weak permissions on cache files creation...
Mandriva Linux Security Advisory : jython (MDVSA-2015:158)
Updated jython packages fix security vulnerability: There are several problems with the way Jython creates class cache files, potentially leading to arbitrary code execution or information disclosure (CVE-2013-2027).
MGASA-2015-0096 Updated jython packages fix CVE-2013-2027
Updated jython packages fix security vulnerability: There are several problems with the way Jython creates class cache files, potentially leading to arbitrary code execution or information disclosure (CVE-2013-2027)...
Updated jython packages fix CVE-2013-2027
Updated jython packages fix security vulnerability: There are several problems with the way Jython creates class cache files, potentially leading to arbitrary code execution or information disclosure (CVE-2013-2027)...
Jython Access Restriction Bypass Vulnerability
Jython is a Python interpreter written in Java, from the Jython project. An access restriction bypass vulnerability exists in Jython 2.2.1 that allows local users to bypass access restrictions via unspecified vectors...
CVE-2013-2027
Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors...
Design/Logic Flaw
Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors...
DEBIAN-CVE-2013-2027
Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors...