Vulnerabilities > CVE-2005-0089 - Unspecified vulnerability in Python
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN python
nessus
Summary
The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote attackers to read or modify globals of the associated module, and possibly execute arbitrary code, via dotted attributes.
Vulnerable Configurations
Nessus
NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_6AFA87D3764B11D9B0E70000E249A0A2.NASL description According to Python Security Advisory PSF-2005-001, The Python development team has discovered a flaw in the SimpleXMLRPCServer library module which can give remote attackers access to internals of the registered object or its module or possibly other modules. The flaw only affects Python XML-RPC servers that use the register_instance() method to register an object without a _dispatch() method. Servers using only register_function() are not affected. On vulnerable XML-RPC servers, a remote attacker may be able to view or modify globals of the module(s) containing the registered instance last seen 2020-06-01 modified 2020-06-02 plugin id 18972 published 2005-07-13 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/18972 title FreeBSD : python -- SimpleXMLRPCServer.py allows unrestricted traversal (6afa87d3-764b-11d9-b0e7-0000e249a0a2) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from the FreeBSD VuXML database : # # Copyright 2003-2018 Jacques Vidrine and contributors # # Redistribution and use in source (VuXML) and 'compiled' forms (SGML, # HTML, PDF, PostScript, RTF and so forth) with or without modification, # are permitted provided that the following conditions are met: # 1. Redistributions of source code (VuXML) must retain the above # copyright notice, this list of conditions and the following # disclaimer as the first lines of this file unmodified. # 2. Redistributions in compiled form (transformed to other DTDs, # published online in any format, converted to PDF, PostScript, # RTF and other formats) must reproduce the above copyright # notice, this list of conditions and the following disclaimer # in the documentation and/or other materials provided with the # distribution. # # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # include("compat.inc"); if (description) { script_id(18972); script_version("1.16"); script_cvs_date("Date: 2019/08/02 13:32:37"); script_cve_id("CVE-2005-0089"); script_name(english:"FreeBSD : python -- SimpleXMLRPCServer.py allows unrestricted traversal (6afa87d3-764b-11d9-b0e7-0000e249a0a2)"); script_summary(english:"Checks for updated packages in pkg_info output"); script_set_attribute( attribute:"synopsis", value: "The remote FreeBSD host is missing one or more security-related updates." ); script_set_attribute( attribute:"description", value: "According to Python Security Advisory PSF-2005-001, The Python development team has discovered a flaw in the SimpleXMLRPCServer library module which can give remote attackers access to internals of the registered object or its module or possibly other modules. The flaw only affects Python XML-RPC servers that use the register_instance() method to register an object without a _dispatch() method. Servers using only register_function() are not affected. On vulnerable XML-RPC servers, a remote attacker may be able to view or modify globals of the module(s) containing the registered instance's class(es), potentially leading to data loss or arbitrary code execution. If the registered object is a module, the danger is particularly serious. For example, if the registered module imports the os module, an attacker could invoke the os.system() function. Note: This vulnerability affects your system only if you're running SimpleXMLRPCServer-based server. This isn't harmful at all if you don't run any internet server written in Python or your server doesn't serve in XML-RPC protocol." ); # http://www.python.org/security/PSF-2005-001/ script_set_attribute( attribute:"see_also", value:"https://www.python.org/news/security/" ); # https://vuxml.freebsd.org/freebsd/6afa87d3-764b-11d9-b0e7-0000e249a0a2.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?82dcdb48" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:python+ipv6"); script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd"); script_set_attribute(attribute:"vuln_publication_date", value:"2005/02/03"); script_set_attribute(attribute:"patch_publication_date", value:"2005/02/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/07/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"FreeBSD Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info"); exit(0); } include("audit.inc"); include("freebsd_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD"); if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (pkg_test(save_report:TRUE, pkg:"python>=2.2<2.2.3_7")) flag++; if (pkg_test(save_report:TRUE, pkg:"python>=2.3<2.3.4_4")) flag++; if (pkg_test(save_report:TRUE, pkg:"python>=2.4<2.4_1")) flag++; if (pkg_test(save_report:TRUE, pkg:"python>=2.5.a0.20050129<2.5.a0.20050129_1")) flag++; if (pkg_test(save_report:TRUE, pkg:"python+ipv6>=2.2<2.2.3_7")) flag++; if (pkg_test(save_report:TRUE, pkg:"python+ipv6>=2.3<2.3.4_4")) flag++; if (pkg_test(save_report:TRUE, pkg:"python+ipv6>=2.4<2.4_1")) flag++; if (pkg_test(save_report:TRUE, pkg:"python+ipv6>=2.5.a0.20050129<2.5.a0.20050129_1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Debian Local Security Checks NASL id DEBIAN_DSA-666.NASL description The Python development team has discovered a flaw in their language package. The SimpleXMLRPCServer library module could permit remote attackers unintended access to internals of the registered object or its module or possibly other modules. The flaw only affects Python XML-RPC servers that use the register_instance() method to register an object without a _dispatch() method. Servers using only register_function() are not affected. last seen 2020-06-01 modified 2020-06-02 plugin id 16340 published 2005-02-10 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16340 title Debian DSA-666-1 : python2.2 - design flaw code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-666. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(16340); script_version("1.17"); script_cvs_date("Date: 2019/08/02 13:32:18"); script_cve_id("CVE-2005-0089"); script_xref(name:"DSA", value:"666"); script_name(english:"Debian DSA-666-1 : python2.2 - design flaw"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "The Python development team has discovered a flaw in their language package. The SimpleXMLRPCServer library module could permit remote attackers unintended access to internals of the registered object or its module or possibly other modules. The flaw only affects Python XML-RPC servers that use the register_instance() method to register an object without a _dispatch() method. Servers using only register_function() are not affected." ); script_set_attribute( attribute:"see_also", value:"http://www.debian.org/security/2005/dsa-666" ); script_set_attribute( attribute:"solution", value: "Upgrade the Python packages. For the stable distribution (woody) this problem has been fixed in version 2.2.1-4.7. No other version of Python in woody is affected. testing unstable Python 2.2 2.2.3-14 2.2.3-14 Python 2.3 2.3.4-20 2.3.4+2.3.5c1-2 Python 2.4 2.4-5 2.4-5" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python2.2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.0"); script_set_attribute(attribute:"patch_publication_date", value:"2005/02/04"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/10"); script_set_attribute(attribute:"vuln_publication_date", value:"2005/02/03"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"3.0", prefix:"idle-python2.2", reference:"2.2.1-4.7")) flag++; if (deb_check(release:"3.0", prefix:"python2.2", reference:"2.2.1-4.7")) flag++; if (deb_check(release:"3.0", prefix:"python2.2-dev", reference:"2.2.1-4.7")) flag++; if (deb_check(release:"3.0", prefix:"python2.2-doc", reference:"2.2.1-4.7")) flag++; if (deb_check(release:"3.0", prefix:"python2.2-elisp", reference:"2.2.1-4.7")) flag++; if (deb_check(release:"3.0", prefix:"python2.2-examples", reference:"2.2.1-4.7")) flag++; if (deb_check(release:"3.0", prefix:"python2.2-gdbm", reference:"2.2.1-4.7")) flag++; if (deb_check(release:"3.0", prefix:"python2.2-mpz", reference:"2.2.1-4.7")) flag++; if (deb_check(release:"3.0", prefix:"python2.2-tk", reference:"2.2.1-4.7")) flag++; if (deb_check(release:"3.0", prefix:"python2.2-xmlbase", reference:"2.2.1-4.7")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2005-108.NASL description Updated Python packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team Python is an interpreted, interactive, object-oriented programming language. An object traversal bug was found in the Python SimpleXMLRPCServer. This bug could allow a remote untrusted user to do unrestricted object traversal and allow them to access or change function internals using the im_* and func_* attributes. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0089 to this issue. Users of Python are advised to upgrade to these updated packages, which contain backported patches to correct these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 17188 published 2005-02-22 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/17188 title RHEL 4 : python (RHSA-2005:108) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2005:108. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(17188); script_version ("1.23"); script_cvs_date("Date: 2019/10/25 13:36:11"); script_cve_id("CVE-2005-0089"); script_xref(name:"RHSA", value:"2005:108"); script_name(english:"RHEL 4 : python (RHSA-2005:108)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated Python packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team Python is an interpreted, interactive, object-oriented programming language. An object traversal bug was found in the Python SimpleXMLRPCServer. This bug could allow a remote untrusted user to do unrestricted object traversal and allow them to access or change function internals using the im_* and func_* attributes. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0089 to this issue. Users of Python are advised to upgrade to these updated packages, which contain backported patches to correct these issues." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2005-0089" ); # http://www.python.org/security/PSF-2005-001/ script_set_attribute( attribute:"see_also", value:"https://www.python.org/news/security/" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2005:108" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tkinter"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4"); script_set_attribute(attribute:"vuln_publication_date", value:"2005/05/02"); script_set_attribute(attribute:"patch_publication_date", value:"2005/02/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/22"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 4.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2005:108"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL4", reference:"python-2.3.4-14.1")) flag++; if (rpm_check(release:"RHEL4", reference:"python-devel-2.3.4-14.1")) flag++; if (rpm_check(release:"RHEL4", reference:"python-docs-2.3.4-14.1")) flag++; if (rpm_check(release:"RHEL4", reference:"python-tools-2.3.4-14.1")) flag++; if (rpm_check(release:"RHEL4", reference:"tkinter-2.3.4-14.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python / python-devel / python-docs / python-tools / tkinter"); } }NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2005-035.NASL description A flaw in the python language was found by the development team. The SimpleXMLRPCServer library module could permit remote attackers unintended access to internals of the registered object or it last seen 2020-06-01 modified 2020-06-02 plugin id 16378 published 2005-02-11 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/16378 title Mandrake Linux Security Advisory : python (MDKSA-2005:035) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandrake Linux Security Advisory MDKSA-2005:035. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(16378); script_version ("1.17"); script_cvs_date("Date: 2019/08/02 13:32:47"); script_cve_id("CVE-2005-0089"); script_xref(name:"MDKSA", value:"2005:035"); script_name(english:"Mandrake Linux Security Advisory : python (MDKSA-2005:035)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandrake Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A flaw in the python language was found by the development team. The SimpleXMLRPCServer library module could permit remote attackers unintended access to internals of the registered object or it's module, or possibly even other modules. This only affects python XML-RPC servers that use the register_instance() method to register an object without a _dispatch() method. Servers that only use the register_function() method are not affected. The updated packages have been patched to prevent these problems." ); script_set_attribute( attribute:"see_also", value:"http://www.python.org/security/PSF-2005-001/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64python2.3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64python2.3-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpython2.3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpython2.3-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:python-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:python-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:tkinter"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.2"); script_set_attribute(attribute:"patch_publication_date", value:"2005/02/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/11"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64python2.3-2.3.3-2.1.100mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64python2.3-devel-2.3.3-2.1.100mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libpython2.3-2.3.3-2.1.100mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libpython2.3-devel-2.3.3-2.1.100mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK10.0", reference:"python-2.3.3-2.1.100mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK10.0", reference:"python-base-2.3.3-2.1.100mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK10.0", reference:"python-docs-2.3.3-2.1.100mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK10.0", reference:"tkinter-2.3.3-2.1.100mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK10.1", cpu:"x86_64", reference:"lib64python2.3-2.3.4-6.1.101mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK10.1", cpu:"x86_64", reference:"lib64python2.3-devel-2.3.4-6.1.101mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"libpython2.3-2.3.4-6.1.101mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"libpython2.3-devel-2.3.4-6.1.101mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK10.1", reference:"python-2.3.4-6.1.101mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK10.1", reference:"python-base-2.3.4-6.1.101mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK10.1", reference:"python-docs-2.3.4-6.1.101mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK10.1", reference:"tkinter-2.3.4-6.1.101mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK9.2", cpu:"amd64", reference:"lib64python2.3-2.3-3.1.92mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK9.2", cpu:"amd64", reference:"lib64python2.3-devel-2.3-3.1.92mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"libpython2.3-2.3-3.1.92mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"libpython2.3-devel-2.3-3.1.92mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK9.2", reference:"python-2.3-3.1.92mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK9.2", reference:"python-base-2.3-3.1.92mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK9.2", reference:"python-docs-2.3-3.1.92mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK9.2", reference:"tkinter-2.3-3.1.92mdk", yank:"mdk")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200502-09.NASL description The remote host is affected by the vulnerability described in GLSA-200502-09 (Python: Arbitrary code execution through SimpleXMLRPCServer) Graham Dumpleton discovered that XML-RPC servers making use of the SimpleXMLRPCServer library that use the register_instance() method to register an object without a _dispatch() method are vulnerable to a flaw allowing to read or modify globals of the associated module. Impact : A remote attacker may be able to exploit the flaw in such XML-RPC servers to execute arbitrary code on the server host with the rights of the XML-RPC server. Workaround : Python users that don last seen 2020-06-01 modified 2020-06-02 plugin id 16446 published 2005-02-14 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/16446 title GLSA-200502-09 : Python: Arbitrary code execution through SimpleXMLRPCServer code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 200502-09. # # The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(16446); script_version("1.16"); script_cvs_date("Date: 2019/08/02 13:32:42"); script_cve_id("CVE-2005-0089"); script_xref(name:"GLSA", value:"200502-09"); script_name(english:"GLSA-200502-09 : Python: Arbitrary code execution through SimpleXMLRPCServer"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-200502-09 (Python: Arbitrary code execution through SimpleXMLRPCServer) Graham Dumpleton discovered that XML-RPC servers making use of the SimpleXMLRPCServer library that use the register_instance() method to register an object without a _dispatch() method are vulnerable to a flaw allowing to read or modify globals of the associated module. Impact : A remote attacker may be able to exploit the flaw in such XML-RPC servers to execute arbitrary code on the server host with the rights of the XML-RPC server. Workaround : Python users that don't make use of any SimpleXMLRPCServer-based XML-RPC servers, or making use of servers using only the register_function() method are not affected." ); # http://www.python.org/security/PSF-2005-001/ script_set_attribute( attribute:"see_also", value:"https://www.python.org/news/security/" ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/200502-09" ); script_set_attribute( attribute:"solution", value: "All Python users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose dev-lang/python" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:python"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2005/02/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/14"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"dev-lang/python", unaffected:make_list("ge 2.3.4-r1", "rge 2.3.3-r2", "rge 2.2.3-r6"), vulnerable:make_list("le 2.3.4"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Python"); }NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2005-109.NASL description Updated Python packages that fix a security issue are now available for Red Hat Enterprise Linux 3. Python is an interpreted, interactive, object-oriented programming language. An object traversal bug was found in the Python SimpleXMLRPCServer. This bug could allow a remote untrusted user to do unrestricted object traversal and allow them to access or change function internals using the im_* and func_* attributes. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0089 to this issue. Users of Python are advised to upgrade to these updated packages, which contain backported patches to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 16385 published 2005-02-14 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/16385 title RHEL 3 : python (RHSA-2005:109) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2005:109. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(16385); script_version ("1.26"); script_cvs_date("Date: 2019/10/25 13:36:11"); script_cve_id("CVE-2005-0089"); script_xref(name:"RHSA", value:"2005:109"); script_name(english:"RHEL 3 : python (RHSA-2005:109)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated Python packages that fix a security issue are now available for Red Hat Enterprise Linux 3. Python is an interpreted, interactive, object-oriented programming language. An object traversal bug was found in the Python SimpleXMLRPCServer. This bug could allow a remote untrusted user to do unrestricted object traversal and allow them to access or change function internals using the im_* and func_* attributes. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0089 to this issue. Users of Python are advised to upgrade to these updated packages, which contain backported patches to correct this issue." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2005-0089" ); # http://www.python.org/security/PSF-2005-001/ script_set_attribute( attribute:"see_also", value:"https://www.python.org/news/security/" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2005:109" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tkinter"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3"); script_set_attribute(attribute:"vuln_publication_date", value:"2005/05/02"); script_set_attribute(attribute:"patch_publication_date", value:"2005/02/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/14"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 3.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2005:109"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL3", reference:"python-2.2.3-6.1")) flag++; if (rpm_check(release:"RHEL3", reference:"python-devel-2.2.3-6.1")) flag++; if (rpm_check(release:"RHEL3", reference:"python-tools-2.2.3-6.1")) flag++; if (rpm_check(release:"RHEL3", reference:"tkinter-2.2.3-6.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python / python-devel / python-tools / tkinter"); } }NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-73-1.NASL description The Python developers discovered a flaw in the SimpleXMLRPCServer module. Python XML-RPC servers that used the register_instance() method to register an object, but do not have a _dispatch() method, allowed remote users to access or change function internals using the im_* and func_* attributes. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 20694 published 2006-01-15 reporter Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/20694 title Ubuntu 4.10 : python2.2, python2.3 vulnerability (USN-73-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-73-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(20694); script_version("1.14"); script_cvs_date("Date: 2019/08/02 13:33:00"); script_cve_id("CVE-2005-0089"); script_xref(name:"USN", value:"73-1"); script_name(english:"Ubuntu 4.10 : python2.2, python2.3 vulnerability (USN-73-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The Python developers discovered a flaw in the SimpleXMLRPCServer module. Python XML-RPC servers that used the register_instance() method to register an object, but do not have a _dispatch() method, allowed remote users to access or change function internals using the im_* and func_* attributes. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:idle-python2.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:idle-python2.3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.2-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.2-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.2-examples"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.2-gdbm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.2-mpz"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.2-tk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.2-xmlbase"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.3-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.3-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.3-examples"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.3-gdbm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.3-mpz"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.3-tk"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:4.10"); script_set_attribute(attribute:"patch_publication_date", value:"2005/02/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/01/15"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! ereg(pattern:"^(4\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 4.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"4.10", pkgname:"idle-python2.2", pkgver:"2.2.3-10ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"idle-python2.3", pkgver:"2.3.4-2ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"python2.2", pkgver:"2.2.3-10ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"python2.2-dev", pkgver:"2.2.3-10ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"python2.2-doc", pkgver:"2.2.3-10ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"python2.2-examples", pkgver:"2.2.3-10ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"python2.2-gdbm", pkgver:"2.2.3-10ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"python2.2-mpz", pkgver:"2.2.3-10ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"python2.2-tk", pkgver:"2.2.3-10ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"python2.2-xmlbase", pkgver:"2.2.3-10ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"python2.3", pkgver:"2.3.4-2ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"python2.3-dev", pkgver:"2.3.4-2ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"python2.3-doc", pkgver:"2.3.4-2ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"python2.3-examples", pkgver:"2.3.4-2ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"python2.3-gdbm", pkgver:"2.3.4-2ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"python2.3-mpz", pkgver:"2.3.4-2ubuntu0.1")) flag++; if (ubuntu_check(osver:"4.10", pkgname:"python2.3-tk", pkgver:"2.3.4-2ubuntu0.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "idle-python2.2 / idle-python2.3 / python2.2 / python2.2-dev / etc"); }
Oval
| accepted | 2013-04-29T04:22:26.447-04:00 | ||||||||||||||||||||
| class | vulnerability | ||||||||||||||||||||
| contributors |
| ||||||||||||||||||||
| definition_extensions |
| ||||||||||||||||||||
| description | The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote attackers to read or modify globals of the associated module, and possibly execute arbitrary code, via dotted attributes. | ||||||||||||||||||||
| family | unix | ||||||||||||||||||||
| id | oval:org.mitre.oval:def:9811 | ||||||||||||||||||||
| status | accepted | ||||||||||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||||||||||
| title | Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files. | ||||||||||||||||||||
| version | 26 |
Redhat
| advisories |
| ||||
| rpms |
|
References
- http://www.python.org/security/PSF-2005-001/
- http://python.org/security/PSF-2005-001/patch-2.2.txt
- http://www.debian.org/security/2005/dsa-666
- http://www.redhat.com/support/errata/RHSA-2005-108.html
- http://www.trustix.org/errata/2005/0003/
- http://www.securityfocus.com/bid/12437
- http://securitytracker.com/id?1013083
- http://secunia.com/advisories/14128
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:035
- http://marc.info/?l=bugtraq&m=110746469728728&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19217
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9811