11 matches found
CVE-2019-5010
An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted...
CVE-2019-5010
CVE-2019-5010 is a denial-of-service vulnerability in Python’s X509 certificate parser due to a NULL pointer dereference when processing specially crafted X.509 certificates. It affects Python 2.7.11 and 3.6.6 (and is referenced across multiple advisories). Mitigations in connected documents incl...
CVE-2019-5010
An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted...
CVE-2019-5010
An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted...
EulerOS 2.0 SP3 : python (EulerOS-SA-2019-1594)
According to the version of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509...
Vulnerability Spotlight: Python.org certificate parsing denial-of-service
Colin Read and Nicolas Edet of Cisco Talos discovered these vulnerabilities. Executive summary Python.org contains an exploitable denial-of-service vulnerability in its X509 certificate parser. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of...
Python.org CPython X509 certificate parsing denial-of-service vulnerability
Summary An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using...
Internet Bug Bounty: Type confusion in FutureIter_throw() which may potentially lead to an arbitrary code execution
Hello, I reported this directly to [email protected]. The issue has been fixed. Python Team confirmed that it's fixed and disclosed: It's disclosed. Feel free to file a bug if that would be helpful to you. On Mon, Nov 14, 2016, at 09:54, Artem Smotrakov wrote: Hello Benjamin, I am planning to...
CVE-2014-7185
Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function...
Python - Interpreter Heap Memory Corruption (PoC)
Exploit for multiple platform in category dos / poc Title: Python Interpreter Heap Memory Corruption Date: Sun, 30 Mar 2014 20:09:44 -0400 Vulnerability Discovered By : Unknown Proof of Concept : Debasish Mandal https://twitter.com/debasishm89 Software Link: https://www.python.org/ Version: All ,...
Python 'ssl.match_hostname()'函数拒绝服务漏洞
BUGTRAQ ID: 59877 Py-bcrypt是OpenBSD Blowfish密码哈希算法的实现。 Python 3.2中,python-backports-sslmatchhostname匹配含有多个""通配符的证书名称时存在拒绝服务漏洞,远程攻击者可通过发送恶意构造的ssl证书导致拒绝服务。 0 python 3.2 厂商补丁: Python ------ 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: www.python.org...