Fedora 29 : python34 (2019-6b02154aa0)

Last upstream Python 3.4 security release, 3.4.10. Security fix for CVE-2019-9636, CVE-2019-5010, CVE-2018-20406. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and forma...

SMS-Stack - Framework to provided TPC/IP based characteristics to the GSM Short Message Service

Sms Stack is a Framework to provided TPC/IP based characteristics to the GSM Short Message Service. This framework works in multiple environments to provided a full stack integration in a service. The main layer features techniques to control the order and the number of sms for a given stream, an...

CVE-2018-14647

Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming...

PT-2018-1947 · Libexpat +7 · Expat +7

Name of the Vulnerable Software and Affected Versions: Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15 Description: The issue is related to Python's elementtree C accelerator failing to initialize Expat's hash salt during initialization...

[SECURITY] Fedora 27 Update: python34-3.4.9-2.fc27

Python 3.4 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.4, see other distributions that support it, such as CentOS or RHEL with Software...

[SECURITY] Fedora 26 Update: python34-3.4.7-2.fc26

Python 3.4 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.4, see other distributions that support it, such as CentOS or RHEL with Software...

[SECURITY] Fedora 27 Update: python34-3.4.7-2.fc27

Python 3.4 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.4, see other distributions that support it, such as CentOS or RHEL with Software...

Command Shell, Bind TCP (via python)

Creates an interactive shell via Python, encodes with base64 by design. Compatible with Python 2.4-2.7 and 3.4+. module MetasploitModule CachedSize = :dynamic include Msf::Payload::Single include Msf::Payload::Python include Msf::Sessions::CommandShellOptions def initializeinfo =...

wafpass - WAF Security Benchmark

██╗ ██╗ █████╗ ███████╗██████╗ █████╗ ███████╗███████╗ ██║ ██║██╔══██╗██╔════╝██╔══██╗██╔══██╗██╔════╝██╔════╝ ██║ █╗ ██║███████║█████╗ ██████╔╝███████║███████╗███████╗ ██║███╗██║██╔══██║██╔══╝ ██╔═══╝ ██╔══██║╚════██║╚════██║ ╚███╔███╔╝██║ ██║██║ ██║ ██║ ██║███████║███████║ ╚══╝╚══╝ ╚═╝ ╚═╝╚═╝ ╚...

WAF Security Benchmark: WAFPASS

WAF Security Benchmark WAFPASS Analysing parameters with all payloads’ bypass methods, aiming at benchmarking security solutions like WAF. Today a great number of website owners around the globe use “Web Application Firewalls” to improve their security. However, these security applications suffer...

Interactive Disassembler: Plasma

Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code. PLASMA is an interactive disassembler. It can generate a more readable assembly pseudo code with colored syntax. You can write scripts with the available Python api. The project is still in big...

CANToolz aka YACHT (Yet Another Car Hacking Tool) - Framework for Black-Box CAN Network Analysis

CANToolz is a framework for analysing CAN networks and devices. This tool based on different modules which can be assembled in pipe together and can be used by security researchers and automotive/OEM security testers for black-box analysis and etc. You can use this software for ECU discovery, MIT...

Python 3.4 / 3.5 xmlparse_setattro() Type Confusion

Title: Python 3.4 and 3.5 xmlparsesetattro Type Confusion Credit: John Leitch [email protected], Bryce Darling [email protected] Url1: http://autosectools.com/Page/Python-xmlparsesetattro-Type-Confusion Url2: http://bugs.python.org/issue25019 Resolution: Fixed Python 3.4 and 3.5 suffer...

Gping - Ping, But With A Graph

Ping, but with a graph Install and run Created/tested with Python 3.4, should run on 2.7 will require the statistics module though. pip3 install pinggraph Tested on Windows and Ubuntu, should run on OS X as well. After installation just run: gping yourhost If you don't give a host then it pings...

CVE-2013-1753

The gzipdecode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service memory consumption via a crafted HTTP request...

Amazon Linux AMI : python26 (ALAS-2013-241)

It was discovered that multiple Python standard library modules implementing network protocols such as httplib or smtplib failed to restrict sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. CVE-2013-1752...

Medium: python27

Issue Overview: The ssl.matchhostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafte...

CVE-2013-4238

The ssl.matchhostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate...

Design/Logic Flaw

The ssl.matchhostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate...

CVE-2013-4238

The ssl.matchhostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate...