Vulnerabilities > CVE-2014-7185 - Numeric Errors vulnerability in multiple products

047910
CVSS 6.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
python
apple
CWE-189
nessus

Summary

Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.

Vulnerable Configurations

Part Description Count
Application
Python
83
OS
Apple
91

Common Weakness Enumeration (CWE)

Nessus

  • NASL familySolaris Local Security Checks
    NASL idSOLARIS11_PYTHON_20141120.NASL
    descriptionThe remote Solaris system is missing necessary patches to address security updates : - Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a
    last seen2020-06-01
    modified2020-06-02
    plugin id80750
    published2015-01-19
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80750
    titleOracle Solaris Third-Party Patch Update : python (cve_2014_7185_integer_overflow)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-1330.NASL
    descriptionFrom Red Hat Security Advisory 2015:1330 : Updated python packages that fix multiple security issues, several bugs and add one enhancement are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme, or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). It was discovered that the socket.recvfrom_into() function failed to check the size of the supplied buffer. This could lead to a buffer overflow when the function was called with an insufficiently sized buffer. (CVE-2014-1912) It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict the sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. (CVE-2013-1752) It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose the source code of the scripts in the cgi-bin directory. (CVE-2014-4650) An integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control these arguments could use this flaw to disclose portions of the application memory or cause it to crash. (CVE-2014-7185) These updated python packages also include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. For information on the most significant of these changes, users are directed to the following article on the Red Hat Customer Portal : https://access.redhat.com/articles/1495363 All python users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add this enhancement.
    last seen2020-03-18
    modified2015-07-30
    plugin id85099
    published2015-07-30
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85099
    titleOracle Linux 6 : python (ELSA-2015-1330)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_PYTHON-2014-11-19-141119.NASL
    descriptionPython was updated to fix one security issue : - Potential wraparound/overflow in buffer() (CVE-2014-7185) As an additional hardening measure SSLv2 has been disabled. (bnc#901715)
    last seen2020-06-05
    modified2014-11-28
    plugin id79619
    published2014-11-28
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/79619
    titleSuSE 11.3 Security Update : Python (SAT Patch Number 9996)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-11522.NASL
    descriptionSecurity fix for potential buffer overflow. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-10-29
    plugin id78703
    published2014-10-29
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78703
    titleFedora 19 : python-2.7.5-14.fc19 (2014-11522)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2015-1330.NASL
    descriptionUpdated python packages that fix multiple security issues, several bugs and add one enhancement are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme, or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). It was discovered that the socket.recvfrom_into() function failed to check the size of the supplied buffer. This could lead to a buffer overflow when the function was called with an insufficiently sized buffer. (CVE-2014-1912) It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict the sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. (CVE-2013-1752) It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose the source code of the scripts in the cgi-bin directory. (CVE-2014-4650) An integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control these arguments could use this flaw to disclose portions of the application memory or cause it to crash. (CVE-2014-7185) These updated python packages also include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. For information on the most significant of these changes, users are directed to the following article on the Red Hat Customer Portal : https://access.redhat.com/articles/1495363 All python users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add this enhancement.
    last seen2020-06-01
    modified2020-06-02
    plugin id85012
    published2015-07-28
    reporterThis script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85012
    titleCentOS 6 : python (CESA-2015:1330)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-11559.NASL
    descriptionSecurity fix for potential buffer overflow. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-10-01
    plugin id77998
    published2014-10-01
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/77998
    titleFedora 20 : python-2.7.5-14.fc20 (2014-11559)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2653-1.NASL
    descriptionIt was discovered that multiple Python protocol libraries incorrectly limited certain data when connecting to servers. A malicious ftp, http, imap, nntp, pop or smtp server could use this issue to cause a denial of service. (CVE-2013-1752) It was discovered that the Python xmlrpc library did not limit unpacking gzip-compressed HTTP bodies. A malicious server could use this issue to cause a denial of service. (CVE-2013-1753) It was discovered that the Python json module incorrectly handled a certain argument. An attacker could possibly use this issue to read arbitrary memory and expose sensitive information. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-4616) It was discovered that the Python CGIHTTPServer incorrectly handled URL-encoded path separators in URLs. A remote attacker could use this issue to expose sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-4650) It was discovered that Python incorrectly handled sizes and offsets in buffer functions. An attacker could possibly use this issue to read arbitrary memory and obtain sensitive information. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-7185). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-18
    modified2015-06-26
    plugin id84428
    published2015-06-26
    reporterUbuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84428
    titleUbuntu 12.04 LTS / 14.04 LTS / 14.10 : python2.7, python3.2, python3.4 vulnerabilities (USN-2653-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2015-2101.NASL
    descriptionFrom Red Hat Security Advisory 2015:2101 : Updated python packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme, or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). It was discovered that the Python xmlrpclib module did not restrict the size of gzip-compressed HTTP responses. A malicious XMLRPC server could cause an XMLRPC client using xmlrpclib to consume an excessive amount of memory. (CVE-2013-1753) It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict the sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. (CVE-2013-1752) It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose the source code of the scripts in the cgi-bin directory. (CVE-2014-4650) An integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control these arguments could use this flaw to disclose portions of the application memory or cause it to crash. (CVE-2014-7185) A flaw was found in the way the json module handled negative index arguments passed to certain functions (such as raw_decode()). An attacker able to control the index value passed to one of the affected functions could possibly use this flaw to disclose portions of the application memory. (CVE-2014-4616) The Python standard library HTTP client modules (such as httplib or urllib) did not perform verification of TLS/SSL certificates when connecting to HTTPS servers. A man-in-the-middle attacker could use this flaw to hijack connections and eavesdrop or modify transferred data. (CVE-2014-9365) Note: The Python standard library was updated to make it possible to enable certificate verification by default. However, for backwards compatibility, verification remains disabled by default. Future updates may change this default. Refer to the Knowledgebase article 2039753 linked to in the References section for further details about this change. (BZ#1219108) This update also fixes the following bugs : * Subprocesses used with the Eventlet library or regular threads previously tried to close epoll file descriptors twice, which led to an
    last seen2020-03-18
    modified2015-11-24
    plugin id87020
    published2015-11-24
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87020
    titleOracle Linux 7 : python (ELSA-2015-2101)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2015-621.NASL
    descriptionAn integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control those arguments could use this flaw to disclose portions of the application memory or cause it to crash. It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose source of scripts in the cgi-bin directory.
    last seen2020-03-17
    modified2015-12-15
    plugin id87347
    published2015-12-15
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87347
    titleAmazon Linux AMI : python26 (ALAS-2015-621)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20151119_PYTHON_ON_SL7_X.NASL
    descriptionIt was discovered that the Python xmlrpclib module did not restrict the size of gzip-compressed HTTP responses. A malicious XMLRPC server could cause an XMLRPC client using xmlrpclib to consume an excessive amount of memory. (CVE-2013-1753) It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict the sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. (CVE-2013-1752) It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose the source code of the scripts in the cgi-bin directory. (CVE-2014-4650) An integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control these arguments could use this flaw to disclose portions of the application memory or cause it to crash. (CVE-2014-7185) A flaw was found in the way the json module handled negative index arguments passed to certain functions (such as raw_decode()). An attacker able to control the index value passed to one of the affected functions could possibly use this flaw to disclose portions of the application memory. (CVE-2014-4616) The Python standard library HTTP client modules (such as httplib or urllib) did not perform verification of TLS/SSL certificates when connecting to HTTPS servers. A man-in-the-middle attacker could use this flaw to hijack connections and eavesdrop or modify transferred data. (CVE-2014-9365) This update also fixes the following bugs : - Subprocesses used with the Eventlet library or regular threads previously tried to close epoll file descriptors twice, which led to an
    last seen2020-03-18
    modified2015-12-22
    plugin id87570
    published2015-12-22
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87570
    titleScientific Linux Security Update : python on SL7.x x86_64 (20151119)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20150722_PYTHON_ON_SL6_X.NASL
    descriptionIt was discovered that the socket.recvfrom_into() function failed to check the size of the supplied buffer. This could lead to a buffer overflow when the function was called with an insufficiently sized buffer. (CVE-2014-1912) It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict the sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. (CVE-2013-1752) It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose the source code of the scripts in the cgi-bin directory. (CVE-2014-4650) An integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control these arguments could use this flaw to disclose portions of the application memory or cause it to crash. (CVE-2014-7185)
    last seen2020-03-18
    modified2015-08-04
    plugin id85206
    published2015-08-04
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85206
    titleScientific Linux Security Update : python on SL6.x i386/x86_64 (20150722)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2015-0098.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - Add Oracle Linux distribution in platform.py [orabug 21288328] (Keshav Sharma) - Enable use of deepcopy with instance methods Resolves: rhbz#1223037 - Since -libs now provide python-ordered dict, added ordereddict dist-info to site-packages Resolves: rhbz#1199997 - Fix CVE-2014-7185/4650/1912 (CVE-2013-1752) Resolves: rhbz#1206572 - Fix logging module error when multiprocessing module is not initialized Resolves: rhbz#1204966 - Add provides for python-ordereddict Resolves: rhbz#1199997 - Let ConfigParse handle options without values - Add check phase to specfile, fix and skip relevant failing tests Resolves: rhbz#1031709 - Make Popen.communicate catch EINTR error Resolves: rhbz#1073165 - Add choices for sort option of cProfile for better output Resolves: rhbz#1160640 - Make multiprocessing ignore EINTR Resolves: rhbz#1180864 - Fix iteration over files with very long lines Resolves: rhbz#794632 - Fix subprocess.Popen.communicate being broken by SIGCHLD handler. Resolves: rhbz#1065537 - Rebuild against latest valgrind-devel. Resolves: rhbz#1142170 - Bump release up to ensure proper upgrade path. Related: rhbz#958256 - Fix multilib dependencies. Resolves: rhbz#958256
    last seen2020-06-01
    modified2020-06-02
    plugin id85139
    published2015-07-31
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85139
    titleOracleVM 3.3 : python (OVMSA-2015-0098)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2015-075.NASL
    descriptionUpdated python packages fix security vulnerabilities : A vulnerability was reported in Python
    last seen2020-06-01
    modified2020-06-02
    plugin id82328
    published2015-03-30
    reporterThis script is Copyright (C) 2015-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/82328
    titleMandriva Linux Security Advisory : python (MDVSA-2015:075)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-1330.NASL
    descriptionUpdated python packages that fix multiple security issues, several bugs and add one enhancement are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme, or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). It was discovered that the socket.recvfrom_into() function failed to check the size of the supplied buffer. This could lead to a buffer overflow when the function was called with an insufficiently sized buffer. (CVE-2014-1912) It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict the sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. (CVE-2013-1752) It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose the source code of the scripts in the cgi-bin directory. (CVE-2014-4650) An integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control these arguments could use this flaw to disclose portions of the application memory or cause it to crash. (CVE-2014-7185) These updated python packages also include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. For information on the most significant of these changes, users are directed to the following article on the Red Hat Customer Portal : https://access.redhat.com/articles/1495363 All python users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add this enhancement.
    last seen2020-03-18
    modified2015-07-23
    plugin id84938
    published2015-07-23
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/84938
    titleRHEL 6 : python (RHSA-2015:1330)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2015-2101.NASL
    descriptionUpdated python packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme, or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). It was discovered that the Python xmlrpclib module did not restrict the size of gzip-compressed HTTP responses. A malicious XMLRPC server could cause an XMLRPC client using xmlrpclib to consume an excessive amount of memory. (CVE-2013-1753) It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict the sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. (CVE-2013-1752) It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose the source code of the scripts in the cgi-bin directory. (CVE-2014-4650) An integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control these arguments could use this flaw to disclose portions of the application memory or cause it to crash. (CVE-2014-7185) A flaw was found in the way the json module handled negative index arguments passed to certain functions (such as raw_decode()). An attacker able to control the index value passed to one of the affected functions could possibly use this flaw to disclose portions of the application memory. (CVE-2014-4616) The Python standard library HTTP client modules (such as httplib or urllib) did not perform verification of TLS/SSL certificates when connecting to HTTPS servers. A man-in-the-middle attacker could use this flaw to hijack connections and eavesdrop or modify transferred data. (CVE-2014-9365) Note: The Python standard library was updated to make it possible to enable certificate verification by default. However, for backwards compatibility, verification remains disabled by default. Future updates may change this default. Refer to the Knowledgebase article 2039753 linked to in the References section for further details about this change. (BZ#1219108) This update also fixes the following bugs : * Subprocesses used with the Eventlet library or regular threads previously tried to close epoll file descriptors twice, which led to an
    last seen2020-03-17
    modified2015-12-02
    plugin id87129
    published2015-12-02
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/87129
    titleCentOS 7 : python (CESA-2015:2101)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1434.NASL
    descriptionAccording to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was found that Python
    last seen2020-06-01
    modified2020-06-02
    plugin id124937
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124937
    titleEulerOS Virtualization 3.0.1.0 : python (EulerOS-SA-2019-1434)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2015-2101.NASL
    descriptionUpdated python packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme, or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). It was discovered that the Python xmlrpclib module did not restrict the size of gzip-compressed HTTP responses. A malicious XMLRPC server could cause an XMLRPC client using xmlrpclib to consume an excessive amount of memory. (CVE-2013-1753) It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict the sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. (CVE-2013-1752) It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose the source code of the scripts in the cgi-bin directory. (CVE-2014-4650) An integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control these arguments could use this flaw to disclose portions of the application memory or cause it to crash. (CVE-2014-7185) A flaw was found in the way the json module handled negative index arguments passed to certain functions (such as raw_decode()). An attacker able to control the index value passed to one of the affected functions could possibly use this flaw to disclose portions of the application memory. (CVE-2014-4616) The Python standard library HTTP client modules (such as httplib or urllib) did not perform verification of TLS/SSL certificates when connecting to HTTPS servers. A man-in-the-middle attacker could use this flaw to hijack connections and eavesdrop or modify transferred data. (CVE-2014-9365) Note: The Python standard library was updated to make it possible to enable certificate verification by default. However, for backwards compatibility, verification remains disabled by default. Future updates may change this default. Refer to the Knowledgebase article 2039753 linked to in the References section for further details about this change. (BZ#1219108) This update also fixes the following bugs : * Subprocesses used with the Eventlet library or regular threads previously tried to close epoll file descriptors twice, which led to an
    last seen2020-03-18
    modified2015-11-20
    plugin id86968
    published2015-11-20
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/86968
    titleRHEL 7 : python (RHSA-2015:2101)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2014-1511-1.NASL
    descriptionpython, python-base, python-doc was updated to fix one security issue. This security issue was fixed : - Fixed potential buffer overflow in buffer() (CVE-2014-7185). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-05-20
    plugin id83646
    published2015-05-20
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/83646
    titleSUSE SLED12 / SLES12 Security Update : python, python-base, python-doc (SUSE-SU-2014:1511-1)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_10_10_5.NASL
    descriptionThe remote host is running a version of Mac OS X 10.10.x that is prior to 10.10.5. It is, therefore, affected by multiple vulnerabilities in the following components : - apache - apache_mod_php - Apple ID OD Plug-in - AppleGraphicsControl - Bluetooth - bootp - CloudKit - CoreMedia Playback - CoreText - curl - Data Detectors Engine - Date & Time pref pane - Dictionary Application - DiskImages - dyld - FontParser - groff - ImageIO - Install Framework Legacy - IOFireWireFamily - IOGraphics - IOHIDFamily - Kernel - Libc - Libinfo - libpthread - libxml2 - libxpc - mail_cmds - Notification Center OSX - ntfs - OpenSSH - OpenSSL - perl - PostgreSQL - python - QL Office - Quartz Composer Framework - Quick Look - QuickTime 7 - SceneKit - Security - SMBClient - Speech UI - sudo - tcpdump - Text Formats - udf Note that successful exploitation of the most serious issues can result in arbitrary code execution.
    last seen2020-06-01
    modified2020-06-02
    plugin id85408
    published2015-08-17
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/85408
    titleMac OS X 10.10.x < 10.10.5 Multiple Vulnerabilities
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2014-440.NASL
    descriptionIt was discovered that Python built-in module CGIHTTPServer does not properly handle URL-encoded path separators in URLs which may enable attackers to disclose a CGI script
    last seen2020-03-17
    modified2014-11-06
    plugin id78873
    published2014-11-06
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78873
    titleAmazon Linux AMI : python27 (ALAS-2014-440)
  • NASL familyF5 Networks Local Security Checks
    NASL idF5_BIGIP_SOL78825687.NASL
    descriptionInteger overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a
    last seen2020-06-01
    modified2020-06-02
    plugin id101913
    published2017-07-24
    reporterThis script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/101913
    titleF5 Networks BIG-IP : Python and Jython vulnerability (K78825687)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201503-10.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201503-10 (Python: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker may be able to execute arbitrary code or cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id82009
    published2015-03-24
    reporterThis script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82009
    titleGLSA-201503-10 : Python: Multiple vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-0234-1.NASL
    descriptionThis update for python fixes the following issues : Updated to version 2.7.17 to unify packages among openSUSE:Factory and SLE versions (bsc#1159035). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id133259
    published2020-01-27
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133259
    titleSUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2020:0234-1) (BEAST) (httpoxy)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2014-197.NASL
    descriptionUpdated python packages fix security vulnerability : Python before 2.7.8 is vulnerable to an integer overflow in the buffer type (CVE-2014-7185).
    last seen2020-06-01
    modified2020-06-02
    plugin id78613
    published2014-10-22
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78613
    titleMandriva Linux Security Advisory : python (MDVSA-2014:197)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2015-1344-1.NASL
    descriptionThis update to python 2.7.9 fixes the following issues : - python-2.7-libffi-aarch64.patch: Fix argument passing in libffi for aarch64 From the version update to 2.7.9 : - contains full backport of ssl module from Python 3.4 (PEP466) - HTTPS certificate validation enabled by default (PEP476) - SSLv3 disabled by default (bnc#901715) - backported ensurepip module (PEP477) - fixes several missing CVEs from last release: CVE-2013-1752, CVE-2013-1753 - dropped upstreamed patches: python-2.7.6-poplib.patch, smtplib_maxline-2.7.patch, xmlrpc_gzip_27.patch - dropped patch python-2.7.3-ssl_ca_path.patch because we don
    last seen2020-03-18
    modified2015-08-06
    plugin id85250
    published2015-08-06
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/85250
    titleSUSE SLED12 / SLES12 Security Update : python (SUSE-SU-2015:1344-1)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2014-588.NASL
    description - CVE-2014-7185-buffer-wraparound.patch: potential wraparound/overflow in buffer() (CVE-2014-7185, bnc#898572) - CVE-2014-7185-buffer-wraparound.patch: potential wraparound/overflow in buffer() (CVE-2014-7185, bnc#898572) - CVE-2014-7185-buffer-wraparound.patch: potential wraparound/overflow in buffer() (CVE-2014-7185, bnc#898572)
    last seen2020-06-05
    modified2014-10-15
    plugin id78453
    published2014-10-15
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/78453
    titleopenSUSE Security Update : python (openSUSE-SU-2014:1292-1)

Redhat

advisories
  • bugzilla
    id1223037
    titlePython raises exception on deepcopy of instance methods
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • commenttkinter is earlier than 0:2.6.6-64.el6
            ovaloval:com.redhat.rhsa:tst:20151330001
          • commenttkinter is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110554004
        • AND
          • commentpython-test is earlier than 0:2.6.6-64.el6
            ovaloval:com.redhat.rhsa:tst:20151330003
          • commentpython-test is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110554006
        • AND
          • commentpython-tools is earlier than 0:2.6.6-64.el6
            ovaloval:com.redhat.rhsa:tst:20151330005
          • commentpython-tools is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110554008
        • AND
          • commentpython-devel is earlier than 0:2.6.6-64.el6
            ovaloval:com.redhat.rhsa:tst:20151330007
          • commentpython-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110554010
        • AND
          • commentpython-libs is earlier than 0:2.6.6-64.el6
            ovaloval:com.redhat.rhsa:tst:20151330009
          • commentpython-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110554014
        • AND
          • commentpython is earlier than 0:2.6.6-64.el6
            ovaloval:com.redhat.rhsa:tst:20151330011
          • commentpython is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110554012
    rhsa
    idRHSA-2015:1330
    released2015-07-20
    severityModerate
    titleRHSA-2015:1330: python security, bug fix, and enhancement update (Moderate)
  • bugzilla
    id1259421
    titleBackport SSLSocket.version() to python 2.7.5
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • commentpython-devel is earlier than 0:2.7.5-34.el7
            ovaloval:com.redhat.rhsa:tst:20152101001
          • commentpython-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110554010
        • AND
          • commentpython-libs is earlier than 0:2.7.5-34.el7
            ovaloval:com.redhat.rhsa:tst:20152101003
          • commentpython-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110554014
        • AND
          • commentpython is earlier than 0:2.7.5-34.el7
            ovaloval:com.redhat.rhsa:tst:20152101005
          • commentpython is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110554012
        • AND
          • commentpython-debug is earlier than 0:2.7.5-34.el7
            ovaloval:com.redhat.rhsa:tst:20152101007
          • commentpython-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20152101008
        • AND
          • commentpython-tools is earlier than 0:2.7.5-34.el7
            ovaloval:com.redhat.rhsa:tst:20152101009
          • commentpython-tools is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110554008
        • AND
          • commenttkinter is earlier than 0:2.7.5-34.el7
            ovaloval:com.redhat.rhsa:tst:20152101011
          • commenttkinter is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110554004
        • AND
          • commentpython-test is earlier than 0:2.7.5-34.el7
            ovaloval:com.redhat.rhsa:tst:20152101013
          • commentpython-test is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110554006
    rhsa
    idRHSA-2015:2101
    released2015-11-19
    severityModerate
    titleRHSA-2015:2101: python security, bug fix, and enhancement update (Moderate)
  • rhsa
    idRHSA-2015:1064
rpms
  • python27-0:1.1-17.el6
  • python27-0:1.1-20.el7
  • python27-python-0:2.7.8-3.el6
  • python27-python-0:2.7.8-3.el7
  • python27-python-debug-0:2.7.8-3.el6
  • python27-python-debug-0:2.7.8-3.el7
  • python27-python-debuginfo-0:2.7.8-3.el6
  • python27-python-debuginfo-0:2.7.8-3.el7
  • python27-python-devel-0:2.7.8-3.el6
  • python27-python-devel-0:2.7.8-3.el7
  • python27-python-libs-0:2.7.8-3.el6
  • python27-python-libs-0:2.7.8-3.el7
  • python27-python-pip-0:1.5.6-5.el6
  • python27-python-pip-0:1.5.6-5.el7
  • python27-python-setuptools-0:0.9.8-3.el6
  • python27-python-setuptools-0:0.9.8-5.el7
  • python27-python-simplejson-0:3.2.0-2.el6
  • python27-python-simplejson-0:3.2.0-3.el7
  • python27-python-simplejson-debuginfo-0:3.2.0-2.el6
  • python27-python-simplejson-debuginfo-0:3.2.0-3.el7
  • python27-python-test-0:2.7.8-3.el6
  • python27-python-test-0:2.7.8-3.el7
  • python27-python-tools-0:2.7.8-3.el6
  • python27-python-tools-0:2.7.8-3.el7
  • python27-python-wheel-0:0.24.0-2.el6
  • python27-python-wheel-0:0.24.0-2.el7
  • python27-runtime-0:1.1-17.el6
  • python27-runtime-0:1.1-20.el7
  • python27-scldevel-0:1.1-17.el6
  • python27-scldevel-0:1.1-20.el7
  • python27-tkinter-0:2.7.8-3.el6
  • python27-tkinter-0:2.7.8-3.el7
  • python-0:2.6.6-64.el6
  • python-debuginfo-0:2.6.6-64.el6
  • python-devel-0:2.6.6-64.el6
  • python-libs-0:2.6.6-64.el6
  • python-test-0:2.6.6-64.el6
  • python-tools-0:2.6.6-64.el6
  • tkinter-0:2.6.6-64.el6
  • python-0:2.7.5-34.el7
  • python-debug-0:2.7.5-34.el7
  • python-debuginfo-0:2.7.5-34.el7
  • python-devel-0:2.7.5-34.el7
  • python-libs-0:2.7.5-34.el7
  • python-test-0:2.7.5-34.el7
  • python-tools-0:2.7.5-34.el7
  • tkinter-0:2.7.5-34.el7