SUSE CVE-2007-2052

Off-by-one error in the PyLocalestrxfrm function in Modules/localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due ...

Command Shell, Bind TCP (via python)

Creates an interactive shell via Python, encodes with base64 by design. Compatible with Python 2.4-2.7 and 3.4+. module MetasploitModule CachedSize = :dynamic include Msf::Payload::Single include Msf::Payload::Python include Msf::Sessions::CommandShellOptions def initializeinfo =...

pyrasite - Inject code into running Python processes

Tools for injecting arbitrary code into running Python processes. Requirements gdb version 7.3+ or RHEL5+ On OS X you will need to have a codesigned gdb - see https://sourceware.org/gdb/wiki/BuildingOnDarwin if you get errors while running with --verbose which mention codesigning. Compatiblity...

Ubuntu Update for python2.4 USN-1613-2

Ubuntu Update for Linux kernel vulnerabilities USN-1613-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN16132.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for python2.4 USN-1613-2 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Th...

Ubuntu: Security Advisory (USN-1613-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 8.04 LTS : python2.4 vulnerabilities (USN-1613-2)

USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4. It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit thi...

USN-1613-2: Python 2.4 vulnerabilities

USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4. Original advisory details: It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working...

Fedora 14 : python-feedparser-5.0.1-1.fc14 (2011-4894)

Current release: 5.0.1 - February 20, 2011 - Fix issue 91 invalid text in XML declaration causes sanitizer to crash - Fix issue 254 sanitization can be bypassed by malformed XML comments - Fix issue 255 sanitizer doesn't strip unsafe URI schemes Previous release: 5.0 - January 25, 2011 - Improved...

Fedora 15 : python-feedparser-5.0.1-1.fc15 (2011-4988)

Current release: 5.0.1 - February 20, 2011 - Fix issue 91 invalid text in XML declaration causes sanitizer to crash - Fix issue 254 sanitization can be bypassed by malformed XML comments - Fix issue 255 sanitizer doesn't strip unsafe URI schemes Previous release: 5.0 - January 25, 2011 - Improved...

Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : python2.4 vulnerabilities (USN-890-3)

USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for the PyExpat module in Python 2.4. Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked in...

USN-890-3: Python 2.4 vulnerabilities

USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for the PyExpat module in Python 2.4. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked...

Debian DSA-1667-1 : python2.4 - several vulnerabilities

Several vulnerabilities have been discovered in the interpreter for the Python language. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2315 David Remahl discovered several integer overflows in the stringobject, unicodeobject, bufferobject,...

DSA-1667-1 python2.4 - several vulnerabilities

Bulletin has no description...

Gentoo Security Advisory GLSA 200807-16 (python)

The remote host is missing updates announced in advisory GLSA 200807-16. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Python存在多个缓冲区溢出漏洞

BUGTRAQ ID: 30491 CVE ID：CVE-2008-2315 CVE-2008-2316 CVE-2008-3142 CVE-2008-3143 CVE-2008-3144 CNCVE ID：CNCVE-20082315 CNCVE-20082316 CNCVE-20083142 CNCVE-20083143 CNCVE-20083144 Python是一款开放源代码的脚本编程语言。 Python中存在多个整数溢出漏洞，远程攻击者可以利用漏洞对应用程序进行拒绝服务或者任意代码执行攻击。 1...

CVE-2008-1679

Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix for CVE-2007-4965...

[SECURITY] [DSA 1551-1] New python2.4 packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1551-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 19, 2008 http://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-1197-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2007-2052

Off-by-one error in the PyLocalestrxfrm function in Modules/localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due ...

[SECURITY] [DSA 1197-1] New python2.4 packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1197-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 22nd, 2006 http://www.debian.org/security/faq -...