EUVD-2005-0090

Malware in sbrugna...

K75910138: Python vulnerabilities CVE-2011-1521, CVE-2011-4940, CVE-2011-4944, CVE-2012-0845, and CVE-2012-1150

Security Advisory Description CVE-2011-1521 The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a denial of service...

SUSE CVE-2012-0845

SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an XML-RPC POST request that contains a smaller amount of data than specified...

Ubuntu: Security Advisory (USN-73-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Python < 2.6.8, 2.7.x < 2.7.3, 3.1.x < 3.1.5, 3.2.x < 3.2.3 XML-RPC DoS (bpo-14001) - Linux

Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

Information Disclosure

Python is an interpreted, interactive, object-oriented programming language. A denial of service flaw was found in the implementation of associative arrays dictionaries in Python. An attacker able to supply a large number of inputs to a Python application such as HTTP POST request parameters sent...

Denial Of Service (DoS)

Python is vulnerable to denial of service DoS. It can happen due to a flaw found in the way the Python SimpleXMLRPCServer module handled clients disconnecting prematurely, allowing to cause excessive CPU consumption on a server using SimpleXMLRPCServer...

Oracle Solaris Third-Party Patch Update : python (multiple_vulnerabilities_in_python) (BEAST)

The remote Solaris system is missing necessary patches to address security updates : - The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained...

Amazon Linux AMI : python26 (ALAS-2012-98)

A denial of service flaw was found in the implementation of associative arrays dictionaries in Python. An attacker able to supply a large number of inputs to a Python application such as HTTP POST request parameters sent to a web application that are used as keys when inserting data into an array...

Oracle Linux 3 / 4 : python (ELSA-2006-0713)

From Red Hat Security Advisory 2006:0713 : Updated Python packages are now available to correct a security issue in Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Python is an interpreted, interactive,...

Ubuntu Update for python3.1 USN-1616-1

Ubuntu Update for Linux kernel vulnerabilities USN-1616-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16161.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for python3.1 USN-1616-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net Th...

Ubuntu 10.04 LTS / 11.04 : python3.1 vulnerabilities (USN-1616-1)

It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. This issue only affected Ubuntu 10.04 LTS. CVE-2008-5983 It was discovered that th...

Ubuntu 11.04 / 11.10 / 12.04 LTS / 12.10 : python3.2 vulnerabilities (USN-1615-1)

It was discovered that Python distutils contained a race condition when creating the /.pypirc file. A local attacker could exploit this to obtain sensitive information. CVE-2011-4944 It was discovered that SimpleXMLRPCServer did not properly validate its input when handling HTTP POST requests. A...

Ubuntu 8.04 LTS : python2.4 vulnerabilities (USN-1613-2)

USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4. It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit thi...

Ubuntu 8.04 LTS : python2.5 vulnerabilities (USN-1613-1)

It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. CVE-2008-5983 It was discovered that the audioop module did not correctly perform...

USN-1613-2: Python 2.4 vulnerabilities

USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4. Original advisory details: It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working...

CVE-2012-0845

The CVE-2012-0845 issue affects Python’s SimpleXMLRPCServer: SimpleXMLRPCServer.py in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3. A crafted XML-RPC POST with Content-Length mismatch can cause an infinite loop and high CPU usage, resulting in denial of servic...

CVE-2012-0845

SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an XML-RPC POST request that contains a smaller amount of data than specified...

CVE-2012-0845

SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an XML-RPC POST request that contains a smaller amount of data than specified...

USN-1596-1: Python 2.6 vulnerabilities

It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. CVE-2008-5983 It was discovered that the audioop module did not correctly perform...