Python 'Imageop'模块参数验证缓冲区溢出漏洞

2008-10-28T00:00:00
ID SSV:4361
Type seebug
Reporter Root
Modified 2008-10-28T00:00:00

Description

BUGTRAQ ID: 31932 CNCAN ID:CNCAN-2008102806

Python是一款开放源代码的脚本编程语言。 Python 'Imageop'模块的不正确参数验证,远程攻击者可以利用漏洞进行缓冲区溢出而触发segfault错误。 目前没有详细漏洞细节提供,可能导致任意代码执行。

Python Software Foundation Python 2.5.2 Python Software Foundation Python 2.5.1 Python Software Foundation Python 2.4.5 Python Software Foundation Python 2.4.4 r14 Python Software Foundation Python 2.4.4 Python Software Foundation Python 2.4.3 + Trustix Secure Linux 3.0.5 Python Software Foundation Python 2.4.2 Python Software Foundation Python 2.4.1 Python Software Foundation Python 2.4 Python Software Foundation Python 2.3.6 Python Software Foundation Python 2.3.5 Python Software Foundation Python 2.3.4 + MandrakeSoft Linux Mandrake 10.1 x86_64 + MandrakeSoft Linux Mandrake 10.1 + S.u.S.E. Linux Personal 9.2 x86_64 + S.u.S.E. Linux Personal 9.2 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 Python Software Foundation Python 2.3.3 + MandrakeSoft Corporate Server 3.0 x86_64 + MandrakeSoft Corporate Server 3.0 + MandrakeSoft Linux Mandrake 10.0 AMD64 + MandrakeSoft Linux Mandrake 10.0 + MandrakeSoft Linux Mandrake 9.2 amd64 + MandrakeSoft Linux Mandrake 9.2 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 Python Software Foundation Python 2.3.2 Python Software Foundation Python 2.3.1 Python Software Foundation Python 2.3 b1 Python Software Foundation Python 2.3 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 Python Software Foundation Python 2.2.3 + RedHat Desktop 3.0 + RedHat Enterprise Linux AS 3 + RedHat Enterprise Linux ES 3 + RedHat Enterprise Linux WS 3 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 Python Software Foundation Python 2.2.2 + OpenPKG OpenPKG 1.2 + RedHat Linux 7.3 + S.u.S.E. Linux Personal 8.2 Python Software Foundation Python 2.2.1 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 + Gentoo Linux 1.4 _rc1 + Gentoo Linux 1.2 + MandrakeSoft Corporate Server 2.1 x86_64 + MandrakeSoft Corporate Server 2.1 + MandrakeSoft Linux Mandrake 9.0 + OpenPKG OpenPKG 1.1 + S.u.S.E. Linux 8.1 Python Software Foundation Python 2.2 + Conectiva Linux 8.0 + MandrakeSoft Linux Mandrake 8.2 ppc + MandrakeSoft Linux Mandrake 8.2 + MandrakeSoft Linux Mandrake 8.1 ia64 + MandrakeSoft Linux Mandrake 8.1 Python Software Foundation Python 2.1.3 + Debian Linux 3.0 Python Software Foundation Python 2.1.2 Python Software Foundation Python 2.1.1 + RedHat Linux 7.2 + Sun Linux 5.0.7 Python Software Foundation Python 2.1 + Conectiva Linux 7.0 + Debian Linux 3.1 sparc + Debian Linux 3.1 s/390 + Debian Linux 3.1 ppc + Debian Linux 3.1 mipsel + Debian Linux 3.1 mips + Debian Linux 3.1 m68k + Debian Linux 3.1 ia-64 + Debian Linux 3.1 ia-32 + Debian Linux 3.1 hppa + Debian Linux 3.1 arm + Debian Linux 3.1 amd64 + Debian Linux 3.1 alpha + Debian Linux 3.1 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 Python Software Foundation Python 2.0.1 Python Software Foundation Python 2.0 + MandrakeSoft Linux Mandrake 8.0 ppc + MandrakeSoft Linux Mandrake 8.0 Python Software Foundation Python 1.6.1 Python Software Foundation Python 1.6 Python Software Foundation Python 1.5.2 + Caldera OpenLinux Server 3.1.1 + Caldera OpenLinux Server 3.1 + Caldera OpenLinux Workstation 3.1.1 + Caldera OpenLinux Workstation 3.1 + Conectiva Linux 6.0 + Debian Linux 3.0 + Debian Linux 2.2 sparc + Debian Linux 2.2 powerpc + Debian Linux 2.2 IA-32 + Debian Linux 2.2 arm + Debian Linux 2.2 alpha + Debian Linux 2.2 68k + Debian Linux 2.2 + MandrakeSoft Linux Mandrake 7.2 + MandrakeSoft Single Network Firewall 7.2 + RedHat Linux 7.3 + RedHat Linux 7.2 + RedHat Linux 7.1 + RedHat Linux 7.0 + RedHat Linux 6.2 + RedHat Linux for iSeries 7.1 + RedHat Linux for pSeries 7.1 + Sun Linux 5.0.7 + Trustix Secure Linux 1.5 Python Software Foundation Python 2.5 可参考如下补丁程序: <a href=http://svn.python.org/view?rev=66689&view=rev target=_blank>http://svn.python.org/view?rev=66689&view=rev</a>