CVE-2014-1912 - Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in multiple products
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | PARTIAL |
Integrity impact | PARTIAL |
Availability impact | PARTIAL |
Summary
Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.
Common Attack Pattern Enumeration and Classification (CAPEC)
- Buffer Overflow via Environment Variables: This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
- Overflow Buffers: Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attacker's choice.
- Client-side Injection-induced Buffer Overflow: This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
- Filter Failure through Buffer Overflow: In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow), hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
- MIME Conversion: An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
Exploit-Db
description | Python socket.recvfrom_into() - Remote Buffer Overflow. CVE-2014-1912. Remote exploit for linux platform |
file | exploits/linux/remote/31875.py |
id | EDB-ID:31875 |
last seen | 2016-02-03 |
modified | 2014-02-24 |
platform | linux |
port | |
published | 2014-02-24 |
reporter | Sha0 |
source | https://www.exploit-db.com/download/31875/ |
title | Python socket.recvfrom_into - Remote Buffer Overflow |
type | remote |
Nessus
NASL family | Oracle Linux Local Security Checks |
NASL id | ORACLELINUX_ELSA-2015-1330.NASL |
description | From Red Hat Security Advisory 2015:1330 : Updated python packages that fix multiple security issues, several bugs and add one enhancement are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme, or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). It was discovered that the socket.recvfrom_into() function failed to check the size of the supplied buffer. This could lead to a buffer overflow when the function was called with an insufficiently sized buffer. (CVE-2014-1912) It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict the sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. (CVE-2013-1752) It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose the source code of the scripts in the cgi-bin directory. (CVE-2014-4650) An integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control these arguments could use this flaw to disclose portions of the application memory or cause it to crash. (CVE-2014-7185) These updated python packages also include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. For information on the most significant of these changes, users are directed to the following article on the Red Hat Customer Portal : https://access.redhat.com/articles/1495363 All python users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add this enhancement. |
last seen | 2020-03-18 |
modified | 2015-07-30 |
plugin id | 85099 |
published | 2015-07-30 |
reporter | This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/85099 |
title | Oracle Linux 6 : python (ELSA-2015-1330) |

NASL family | CentOS Local Security Checks |
NASL id | CENTOS_RHSA-2015-1330.NASL |
description | Updated python packages that fix multiple security issues, several bugs and add one enhancement are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme, or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). It was discovered that the socket.recvfrom_into() function failed to check the size of the supplied buffer. This could lead to a buffer overflow when the function was called with an insufficiently sized buffer. (CVE-2014-1912) It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict the sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. (CVE-2013-1752) It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose the source code of the scripts in the cgi-bin directory. (CVE-2014-4650) An integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control these arguments could use this flaw to disclose portions of the application memory or cause it to crash. (CVE-2014-7185) These updated python packages also include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. For information on the most significant of these changes, users are directed to the following article on the Red Hat Customer Portal : https://access.redhat.com/articles/1495363 All python users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add this enhancement. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 85012 |
published | 2015-07-28 |
reporter | This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/85012 |
title | CentOS 6 : python (CESA-2015:1330) |

NASL family | SuSE Local Security Checks |
NASL id | OPENSUSE-2014-213.NASL |
description | Python was updated to 2.7.6 to fix bugs and security issues : - bugfix-only release - SSL-related fixes - upstream fix for CVE-2013-4238 - upstream fixes for CVE-2013-1752 - added patches for CVE-2013-1752 (bnc#856836) issues that are missing in 2.7.6: python-2.7.6-imaplib.patch python-2.7.6-poplib.patch smtplib_maxline-2.7.patch - CVE-2013-1753 (bnc#856835) gzip decompression bomb in xmlrpc client: xmlrpc_gzip_27.patch - python-2.7.6-bdist-rpm.patch: fix broken |
last seen | 2020-06-05 |
modified | 2014-06-13 |
plugin id | 75294 |
published | 2014-06-13 |
reporter | This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/75294 |
title | openSUSE Security Update : python (openSUSE-SU-2014:0380-1) |

NASL family | Debian Local Security Checks |
NASL id | DEBIAN_DSA-2880.NASL |
description | Multiple security issues were discovered in Python : - CVE-2013-4238 Ryan Sleevi discovered that NULL characters in the subject alternate names of SSL certificates were parsed incorrectly. - CVE-2014-1912 Ryan Smith-Roberts discovered a buffer overflow in the socket.recvfrom_into() function. |
last seen | 2020-03-17 |
modified | 2014-03-18 |
plugin id | 73065 |
published | 2014-03-18 |
reporter | This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/73065 |
title | Debian DSA-2880-1 : python2.7 - security update |

NASL family | SuSE Local Security Checks |
NASL id | OPENSUSE-2014-289.NASL |
description | This python update fixes the following security issue : - bnc#863741: Fixed potential buffer overflow in socket.recvfrom_into (CVE-2014-1912). |
last seen | 2020-06-05 |
modified | 2014-06-13 |
plugin id | 75320 |
published | 2014-06-13 |
reporter | This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/75320 |
title | openSUSE Security Update : python (openSUSE-SU-2014:0518-1) |

NASL family | Scientific Linux Local Security Checks |
NASL id | SL_20150722_PYTHON_ON_SL6_X.NASL |
description | It was discovered that the socket.recvfrom_into() function failed to check the size of the supplied buffer. This could lead to a buffer overflow when the function was called with an insufficiently sized buffer. (CVE-2014-1912) It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict the sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. (CVE-2013-1752) It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose the source code of the scripts in the cgi-bin directory. (CVE-2014-4650) An integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control these arguments could use this flaw to disclose portions of the application memory or cause it to crash. (CVE-2014-7185) |
last seen | 2020-03-18 |
modified | 2015-08-04 |
plugin id | 85206 |
published | 2015-08-04 |
reporter | This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/85206 |
title | Scientific Linux Security Update : python on SL6.x i386/x86_64 (20150722) |

NASL family | SuSE Local Security Checks |
NASL id | SUSE_11_PYTHON-201403-140331.NASL |
description | Python was updated to fix a security issue in the socket.recvfrom_into function, where data could be written over the end of the buffer. (CVE-2014-1912) |
last seen | 2020-06-05 |
modified | 2014-04-29 |
plugin id | 73751 |
published | 2014-04-29 |
reporter | This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/73751 |
title | SuSE 11.3 Security Update : Python (SAT Patch Number 9075) |

NASL family | Amazon Linux Local Security Checks |
NASL id | ALA_ALAS-2014-292.NASL |
description | Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 72748 |
published | 2014-03-02 |
reporter | This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/72748 |
title | Amazon Linux AMI : python26 (ALAS-2014-292) |

NASL family | Mandriva Local Security Checks |
NASL id | MANDRIVA_MDVSA-2015-075.NASL |
description | Updated python packages fix security vulnerabilities : A vulnerability was reported in Python |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 82328 |
published | 2015-03-30 |
reporter | This script is Copyright (C) 2015-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/82328 |
title | Mandriva Linux Security Advisory : python (MDVSA-2015:075) |

NASL family | Red Hat Local Security Checks |
NASL id | REDHAT-RHSA-2015-1330.NASL |
description | Updated python packages that fix multiple security issues, several bugs and add one enhancement are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme, or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). It was discovered that the socket.recvfrom_into() function failed to check the size of the supplied buffer. This could lead to a buffer overflow when the function was called with an insufficiently sized buffer. (CVE-2014-1912) It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict the sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. (CVE-2013-1752) It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose the source code of the scripts in the cgi-bin directory. (CVE-2014-4650) An integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control these arguments could use this flaw to disclose portions of the application memory or cause it to crash. (CVE-2014-7185) These updated python packages also include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. For information on the most significant of these changes, users are directed to the following article on the Red Hat Customer Portal : https://access.redhat.com/articles/1495363 All python users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add this enhancement. |
last seen | 2020-03-18 |
modified | 2015-07-23 |
plugin id | 84938 |
published | 2015-07-23 |
reporter | This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/84938 |
title | RHEL 6 : python (RHSA-2015:1330) |

NASL family | Mandriva Local Security Checks |
NASL id | MANDRIVA_MDVSA-2014-041.NASL |
description | A vulnerability was reported in Python |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 72594 |
published | 2014-02-20 |
reporter | This script is Copyright (C) 2014-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/72594 |
title | Mandriva Linux Security Advisory : python (MDVSA-2014:041) |

NASL family | Fedora Local Security Checks |
NASL id | FEDORA_2014-2418.NASL |
description | Buffer overflow fix. See upstream issue: http://bugs.python.org/issue20246 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. |
last seen | 2020-03-17 |
modified | 2014-02-17 |
plugin id | 72524 |
published | 2014-02-17 |
reporter | This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/72524 |
title | Fedora 20 : python3-3.3.2-9.fc20 (2014-2418) |

NASL family | MacOS X Local Security Checks |
NASL id | MACOSX_10_10_5.NASL |
description | The remote host is running a version of Mac OS X 10.10.x that is prior to 10.10.5. It is, therefore, affected by multiple vulnerabilities in the following components : - apache - apache_mod_php - Apple ID OD Plug-in - AppleGraphicsControl - Bluetooth - bootp - CloudKit - CoreMedia Playback - CoreText - curl - Data Detectors Engine - Date & Time pref pane - Dictionary Application - DiskImages - dyld - FontParser - groff - ImageIO - Install Framework Legacy - IOFireWireFamily - IOGraphics - IOHIDFamily - Kernel - Libc - Libinfo - libpthread - libxml2 - libxpc - mail_cmds - Notification Center OSX - ntfs - OpenSSH - OpenSSL - perl - PostgreSQL - python - QL Office - Quartz Composer Framework - Quick Look - QuickTime 7 - SceneKit - Security - SMBClient - Speech UI - sudo - tcpdump - Text Formats - udf Note that successful exploitation of the most serious issues can result in arbitrary code execution. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 85408 |
published | 2015-08-17 |
reporter | This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/85408 |
title | Mac OS X 10.10.x < 10.10.5 Multiple Vulnerabilities |

NASL family | Huawei Local Security Checks |
NASL id | EULEROS_SA-2020-1574.NASL |
description | According to the versions of the edk2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.(CVE-2014-1912) - ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.(CVE-2019-14575) - ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.(CVE-2019-14559) - ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.(CVE-2019-14563) - ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.(CVE-2019-14553) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. |
last seen | 2020-05-08 |
modified | 2020-05-01 |
plugin id | 136277 |
published | 2020-05-01 |
reporter | This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/136277 |
title | EulerOS Virtualization for ARM 64 3.0.2.0 : edk2 (EulerOS-SA-2020-1574) |

NASL family | Databases |
NASL id | MYSQL_CLUSTER_7_3_6.NASL |
description | The version of MySQL Cluster running on the remote host is 7.3.x prior to 7.3.6. It is, therefore, affected by an overflow condition in the CLSTCONF component, specifically in the Python sock_recvfrom_into() function within file Modules/socketmodule.c, due to improper validation of user-supplied input when checking boundaries. An unauthenticated, remote attacker can exploit this, via a specially crafted string, to cause a denial of service condition or the execution of arbitrary code. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 101811 |
published | 2017-07-19 |
reporter | This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/101811 |
title | MySQL Cluster 7.3.x < 7.3.6 CLSTCONF RCE (July 2017 CPU) |

NASL family | Amazon Linux Local Security Checks |
NASL id | ALA_ALAS-2014-293.NASL |
description | Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 72749 |
published | 2014-03-02 |
reporter | This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/72749 |
title | Amazon Linux AMI : python27 (ALAS-2014-293) |

NASL family | Fedora Local Security Checks |
NASL id | FEDORA_2014-2394.NASL |
description | Buffer overflow fix. See upstream issue: http://bugs.python.org/issue20246 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. |
last seen | 2020-03-17 |
modified | 2014-02-17 |
plugin id | 72523 |
published | 2014-02-17 |
reporter | This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/72523 |
title | Fedora 20 : python-2.7.5-10.fc20 (2014-2394) |

NASL family | Ubuntu Local Security Checks |
NASL id | UBUNTU_USN-2125-1.NASL |
description | Ryan Smith-Roberts discovered that Python incorrectly handled buffer sizes when using the socket.recvfrom_into() function. An attacker could possibly use this issue to cause Python to crash, resulting in denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. |
last seen | 2020-03-18 |
modified | 2014-03-04 |
plugin id | 72798 |
published | 2014-03-04 |
reporter | Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/72798 |
title | Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.10 : python2.6, python2.7, python3.2, python3.3 vulnerability (USN-2125-1) |

NASL family | SuSE Local Security Checks |
NASL id | OPENSUSE-2014-333.NASL |
description | This python update fixes the following security and non-security issues : - bnc#869222: Fixed DoS when opening malicious archives (CVE-2013-7338). - bnc#863741: Fixed buffer overflow in socket.recvfrom_into (CVE-2014-1912). - bnc#871152: Fixed race condition with umask when creating directories with os.mkdirs (CVE-2014-2667). - bnc#637176: Fixed update multilib patch to handle home install scheme. |
last seen | 2020-06-05 |
modified | 2014-06-13 |
plugin id | 75343 |
published | 2014-06-13 |
reporter | This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/75343 |
title | openSUSE Security Update : python3 (openSUSE-SU-2014:0597-1) |

NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-201503-10.NASL |
description | The remote host is affected by the vulnerability described in GLSA-201503-10 (Python: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker may be able to execute arbitrary code or cause a Denial of Service condition. Workaround : There is no known workaround at this time. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 82009 |
published | 2015-03-24 |
reporter | This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/82009 |
title | GLSA-201503-10 : Python: Multiple vulnerabilities |

NASL family | SuSE Local Security Checks |
NASL id | SUSE_SU-2020-0234-1.NASL |
description | This update for python fixes the following issues : Updated to version 2.7.17 to unify packages among openSUSE:Factory and SLE versions (bsc#1159035). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 133259 |
published | 2020-01-27 |
reporter | This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/133259 |
title | SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2020:0234-1) (BEAST) (httpoxy) |

NASL family | SuSE Local Security Checks |
NASL id | OPENSUSE-2014-278.NASL |
description | Python was updated to 3.3.5 fixing bugs and security issues : - bugfix-only release, closes several security bugs - CVE-2013-1752 (bnc#856836) - DoS flaws with unbounded reads from network - disable SSLv2 by default - DoS on maliciously crafted zip files (CVE-2013-7338, bnc#869222) - CGIHttpRequestHandler directory traversal - gzip decompression bomb in xmlrpc client (CVE-2013-1753, bnc#856835) xmlrpc_gzip_33.patch - potential buffer overflow in recvfrom_into (CVE-2014-1912, bnc#863741) - hundreds of non-security-related bugfixes |
last seen | 2020-06-05 |
modified | 2014-06-13 |
plugin id | 75315 |
published | 2014-06-13 |
reporter | This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/75315 |
title | openSUSE Security Update : python3 (openSUSE-SU-2014:0498-1) |

NASL family | FreeBSD Local Security Checks |
NASL id | FREEBSD_PKG_8E5E6D42A0FA11E3B09A080027F2D077.NASL |
description | Vincent Danen via Red Hat Issue Tracker reports : A vulnerability was reported in Python |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 72768 |
published | 2014-03-03 |
reporter | This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/72768 |
title | FreeBSD : Python -- buffer overflow in socket.recvfrom_into() (8e5e6d42-a0fa-11e3-b09a-080027f2d077) |

NASL family | Mandriva Local Security Checks |
NASL id | MANDRIVA_MDVSA-2015-076.NASL |
description | Updated python3 packages fix security vulnerabilities : ZipExtFile.read goes into 100% CPU infinite loop on maliciously binary edited zips (CVE-2013-7338). A vulnerability was reported in Python |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 82329 |
published | 2015-03-30 |
reporter | This script is Copyright (C) 2015-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/82329 |
title | Mandriva Linux Security Advisory : python3 (MDVSA-2015:076) |
Seebug
bulletinFamily | exploit |
description | No description provided by source. |
id | SSV:85189 |
last seen | 2017-11-19 |
modified | 2014-07-01 |
published | 2014-07-01 |
reporter | Root |
source | https://www.seebug.org/vuldb/ssvid-85189 |
title | Python socket.recvfrom_into() - Remote Buffer Overflow |

bulletinFamily | exploit |
description | CVE(CAN) ID: CVE-2014-1912 Python is an object-oriented, interpreted computer programming language. The "sock_recvfrom_into()" function (Modules/socketmodule.c) in Python 2.7 contains a boundary error that, when exploited, can cause a buffer overflow and lead to arbitrary code execution. Python python 2.7.x Vendor patch: Python: The vendor has released an upgrade patch to fix this security issue; download it from the vendor's page: http://bugs.python.org/issue20246 |
id | SSV:61560 |
last seen | 2017-11-19 |
modified | 2014-02-25 |
published | 2014-02-25 |
reporter | Root |
source | https://www.seebug.org/vuldb/ssvid-61560 |
title | Python "sock_recvfrom_into()" buffer overflow vulnerability |
References
- http://bugs.python.org/issue20246
- http://hg.python.org/cpython/rev/87673659d8f7
- http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
- http://lists.opensuse.org/opensuse-updates/2014-04/msg00035.html
- http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html
- http://pastebin.com/raw.php?i=GHXSmNEg
- http://rhn.redhat.com/errata/RHSA-2015-1064.html
- http://rhn.redhat.com/errata/RHSA-2015-1330.html
- http://www.debian.org/security/2014/dsa-2880
- http://www.exploit-db.com/exploits/31875
- http://www.openwall.com/lists/oss-security/2014/02/12/16
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.securityfocus.com/bid/65379
- http://www.securitytracker.com/id/1029831
- http://www.ubuntu.com/usn/USN-2125-1
- https://security.gentoo.org/glsa/201503-10
- https://support.apple.com/kb/HT205031
- https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/