EUVD-2013-2072

Malware in sbrugna...

K77241314: Python vulnerability CVE-2013-7440

Security Advisory Description The ssl.matchhostname function in CPython aka Python before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate. CVE-2013-7440 Impact There is no impact; ...

Mageia: Security Advisory (MGASA-2013-0376)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : bzr (EulerOS-SA-2020-1648)

According to the version of the bzr package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The ssl.matchhostname function in CPython aka Python before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might all...

Huawei EulerOS: Security Advisory for python (EulerOS-SA-2019-1434)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.1.0 : python (EulerOS-SA-2019-1434)

According to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was found that Python's smtplib library did not return an exception when StartTLS failed to be established in the SMTP.starttl...

Design/Logic Flaw

The ssl.matchhostname function in CPython aka Python before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate...

CVE-2013-7440

The ssl.matchhostname function in CPython aka Python before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate...

CVE-2013-7440

The ssl.matchhostname function in CPython aka Python before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate...

CVE-2013-7440

The ssl.matchhostname function in CPython aka Python before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate...

CVE-2013-7440

The ssl.matchhostname function in CPython aka Python before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate...

CVE-2013-7440

CVE-2013-7440 affects CPython’s ssl.match_hostname: Python before 2.7.9 and 3.x before 3.3.3 incorrectly handles wildcards in hostnames, allowing MITM via a crafted certificate. Affected: CPython’s standard library SSL hostname verification. Root cause: wildcard handling flaw in hostname matching...

MGASA-2013-0376 Updated python3 and related packages fix security vulnerabilities and prevent an error

Changed behavior of ssl.matchhostname to follow RFC 6125 Also python-virtualenv has had incdir settings altered to avoid "include nested too deeply" error mga11283...

PSF-2013-1 ssl.match_hostname() wildcard DoS

Algorithmic complexity vulnerability in the ssl.matchhostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-sslmatchhostname as used for older Python versions, allows remote attackers to cause a denial of service CPU consumption via multiple wildcard...

CVE-2013-4238

The ssl.matchhostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate...

Python 'ssl.match_hostname()'函数拒绝服务漏洞

BUGTRAQ ID: 59877 Py-bcrypt是OpenBSD Blowfish密码哈希算法的实现。 Python 3.2中，python-backports-sslmatchhostname匹配含有多个""通配符的证书名称时存在拒绝服务漏洞，远程攻击者可通过发送恶意构造的ssl证书导致拒绝服务。 0 python 3.2 厂商补丁： Python ------ 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： www.python.org...