Vulnerabilities > CVE-2018-14647 - Missing Initialization of Resource vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH

Summary

Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3817-1.NASL
    descriptionIt was discovered that Python incorrectly handled large amounts of data. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-1000030) It was discovered that Python incorrectly handled running external commands in the shutil module. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-1000802) It was discovered that Python incorrectly used regular expressions vulnerable to catastrophic backtracking. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-1060, CVE-2018-1061) It was discovered that Python failed to initialize Expat
    last seen2020-06-01
    modified2020-06-02
    plugin id118954
    published2018-11-14
    reporterUbuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118954
    titleUbuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : python2.7, python3.4, python3.5 vulnerabilities (USN-3817-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-3817-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(118954);
      script_version("1.3");
      script_cvs_date("Date: 2019/09/18 12:31:48");
    
      script_cve_id("CVE-2018-1000030", "CVE-2018-1000802", "CVE-2018-1060", "CVE-2018-1061", "CVE-2018-14647");
      script_xref(name:"USN", value:"3817-1");
    
      script_name(english:"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : python2.7, python3.4, python3.5 vulnerabilities (USN-3817-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "It was discovered that Python incorrectly handled large amounts of
    data. A remote attacker could use this issue to cause Python to crash,
    resulting in a denial of service, or possibly execute arbitrary code.
    This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
    (CVE-2018-1000030)
    
    It was discovered that Python incorrectly handled running external
    commands in the shutil module. A remote attacker could use this issue
    to cause Python to crash, resulting in a denial of service, or
    possibly execute arbitrary code. (CVE-2018-1000802)
    
    It was discovered that Python incorrectly used regular expressions
    vulnerable to catastrophic backtracking. A remote attacker could
    possibly use this issue to cause a denial of service. This issue only
    affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-1060,
    CVE-2018-1061)
    
    It was discovered that Python failed to initialize Expat's hash salt.
    A remote attacker could possibly use this issue to cause hash
    collisions, leading to a denial of service. (CVE-2018-14647).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/3817-1/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.7");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.7-minimal");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python3.4");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python3.4-minimal");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python3.5");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python3.5-minimal");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/02/08");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/11/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/11/14");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(14\.04|16\.04|18\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 14.04 / 16.04 / 18.04", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"14.04", pkgname:"python2.7", pkgver:"2.7.6-8ubuntu0.5")) flag++;
    if (ubuntu_check(osver:"14.04", pkgname:"python2.7-minimal", pkgver:"2.7.6-8ubuntu0.5")) flag++;
    if (ubuntu_check(osver:"14.04", pkgname:"python3.4", pkgver:"3.4.3-1ubuntu1~14.04.7")) flag++;
    if (ubuntu_check(osver:"14.04", pkgname:"python3.4-minimal", pkgver:"3.4.3-1ubuntu1~14.04.7")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"python2.7", pkgver:"2.7.12-1ubuntu0~16.04.4")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"python2.7-minimal", pkgver:"2.7.12-1ubuntu0~16.04.4")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"python3.5", pkgver:"3.5.2-2ubuntu0~16.04.5")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"python3.5-minimal", pkgver:"3.5.2-2ubuntu0~16.04.5")) flag++;
    if (ubuntu_check(osver:"18.04", pkgname:"python2.7", pkgver:"2.7.15~rc1-1ubuntu0.1")) flag++;
    if (ubuntu_check(osver:"18.04", pkgname:"python2.7-minimal", pkgver:"2.7.15~rc1-1ubuntu0.1")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python2.7 / python2.7-minimal / python3.4 / python3.4-minimal / etc");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-0482-1.NASL
    descriptionThis update for python fixes the following issues : Security issues fixed : CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser (bsc#1122191). CVE-2018-14647: Fixed a denial-of-service vulnerability in Expat (bsc#1109847). Non-security issue fixed: Fixed a bug where PyWeakReference struct was not initialized correctly leading to a crash (bsc#1073748). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id122446
    published2019-02-26
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122446
    titleSUSE SLED12 / SLES12 Security Update : python (SUSE-SU-2019:0482-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2019:0482-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(122446);
      script_version("1.3");
      script_cvs_date("Date: 2020/02/07");
    
      script_cve_id("CVE-2018-14647", "CVE-2019-5010");
    
      script_name(english:"SUSE SLED12 / SLES12 Security Update : python (SUSE-SU-2019:0482-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for python fixes the following issues :
    
    Security issues fixed :
    
    CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509
    certificate parser (bsc#1122191).
    
    CVE-2018-14647: Fixed a denial-of-service vulnerability in Expat
    (bsc#1109847).
    
    Non-security issue fixed: Fixed a bug where PyWeakReference struct was
    not initialized correctly leading to a crash (bsc#1073748).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1073748"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1109847"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1122191"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-14647/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-5010/"
      );
      # https://www.suse.com/support/update/announcement/2019/suse-su-20190482-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?2d7e1e60"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE OpenStack Cloud 7:zypper in -t patch
    SUSE-OpenStack-Cloud-7-2019-482=1
    
    SUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch
    SUSE-SLE-WE-12-SP4-2019-482=1
    
    SUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch
    SUSE-SLE-WE-12-SP3-2019-482=1
    
    SUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t
    patch SUSE-SLE-SDK-12-SP4-2019-482=1
    
    SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t
    patch SUSE-SLE-SDK-12-SP3-2019-482=1
    
    SUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch
    SUSE-SLE-SAP-12-SP2-2019-482=1
    
    SUSE Linux Enterprise Server 12-SP4:zypper in -t patch
    SUSE-SLE-SERVER-12-SP4-2019-482=1
    
    SUSE Linux Enterprise Server 12-SP3:zypper in -t patch
    SUSE-SLE-SERVER-12-SP3-2019-482=1
    
    SUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch
    SUSE-SLE-SERVER-12-SP2-2019-482=1
    
    SUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch
    SUSE-SLE-SERVER-12-SP2-BCL-2019-482=1
    
    SUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch
    SUSE-SLE-SERVER-12-SP1-2019-482=1
    
    SUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch
    SUSE-SLE-DESKTOP-12-SP4-2019-482=1
    
    SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch
    SUSE-SLE-DESKTOP-12-SP3-2019-482=1
    
    SUSE Enterprise Storage 5:zypper in -t patch SUSE-Storage-5-2019-482=1
    
    SUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2019-482=1
    
    SUSE CaaS Platform ALL :
    
    To install this update, use the SUSE CaaS Platform Velum dashboard. It
    will inform you if it detects new updates and let you then trigger
    updating of the complete cluster in a controlled way.
    
    SUSE CaaS Platform 3.0 :
    
    To install this update, use the SUSE CaaS Platform Velum dashboard. It
    will inform you if it detects new updates and let you then trigger
    updating of the complete cluster in a controlled way.
    
    OpenStack Cloud Magnum Orchestration 7:zypper in -t patch
    SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-482=1"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython2_7");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython2_7-1_0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython2_7-1_0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-base-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-base-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-curses");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-curses-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-demo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-gdbm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-gdbm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-idle");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-tk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-tk-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-xml");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-xml-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/02/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/26");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(1|2|3|4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP1/2/3/4", os_ver + " SP" + sp);
    if (os_ver == "SLED12" && (! preg(pattern:"^(3|4)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP3/4", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libpython2_7-1_0-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libpython2_7-1_0-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-base-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-base-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-base-debugsource-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-curses-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-curses-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-debugsource-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-demo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-devel-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-gdbm-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-gdbm-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-idle-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-tk-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-tk-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-xml-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-xml-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libpython2_7-1_0-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"libpython2_7-1_0-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-base-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-base-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", reference:"python-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libpython2_7-1_0-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libpython2_7-1_0-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-base-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-base-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-base-debugsource-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-curses-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-curses-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-debugsource-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-demo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-gdbm-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-gdbm-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-idle-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-tk-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-tk-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-xml-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-xml-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libpython2_7-1_0-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"libpython2_7-1_0-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-base-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-base-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"4", reference:"python-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libpython2_7-1_0-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libpython2_7-1_0-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-base-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-base-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-base-debugsource-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-curses-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-curses-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-debugsource-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-demo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-gdbm-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-gdbm-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-idle-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-tk-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-tk-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-xml-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-xml-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libpython2_7-1_0-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"libpython2_7-1_0-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-base-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-base-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"3", reference:"python-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libpython2_7-1_0-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libpython2_7-1_0-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libpython2_7-1_0-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libpython2_7-1_0-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-base-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-base-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-base-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-base-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-base-debugsource-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-curses-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-curses-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-debugsource-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-demo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-gdbm-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-gdbm-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-idle-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-tk-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-tk-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-xml-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-xml-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"libpython2_7-1_0-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"libpython2_7-1_0-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-base-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-base-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-base-debugsource-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-curses-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-curses-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-debugsource-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-demo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-gdbm-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-gdbm-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-idle-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-tk-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-tk-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-xml-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-xml-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"libpython2_7-1_0-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"libpython2_7-1_0-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-base-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-base-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"2", reference:"python-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libpython2_7-1_0-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libpython2_7-1_0-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libpython2_7-1_0-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libpython2_7-1_0-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-base-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-base-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-base-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-base-debugsource-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-curses-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-curses-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-debugsource-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-devel-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-tk-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-tk-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-xml-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-xml-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libpython2_7-1_0-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libpython2_7-1_0-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libpython2_7-1_0-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libpython2_7-1_0-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-base-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-base-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-base-debuginfo-32bit-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-base-debugsource-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-curses-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-curses-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-debugsource-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-devel-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-tk-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-tk-debuginfo-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-xml-2.7.13-28.21.1")) flag++;
    if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-xml-debuginfo-2.7.13-28.21.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1834.NASL
    descriptionMultiple vulnerabilities were discovered in Python, an interactive high-level object-oriented language, including CVE-2018-14647 Python
    last seen2020-06-01
    modified2020-06-02
    plugin id126222
    published2019-06-25
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126222
    titleDebian DLA-1834-1 : python2.7 security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Debian Security Advisory DLA-1834-1. The text
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(126222);
      script_version("1.3");
      script_cvs_date("Date: 2020/01/10");
    
      script_cve_id("CVE-2018-14647", "CVE-2019-10160", "CVE-2019-5010", "CVE-2019-9636", "CVE-2019-9740", "CVE-2019-9947", "CVE-2019-9948");
    
      script_name(english:"Debian DLA-1834-1 : python2.7 security update");
      script_summary(english:"Checks dpkg output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple vulnerabilities were discovered in Python, an interactive
    high-level object-oriented language, including 
    
    CVE-2018-14647
    
    Python's elementtree C accelerator failed to initialise Expat's hash
    salt during initialization. This could make it easy to conduct denial
    of service attacks against Expat by constructing an XML document that
    would cause pathological hash collisions in Expat's internal data
    structures, consuming large amounts CPU and RAM.
    
    CVE-2019-5010
    
    NULL pointer dereference using a specially crafted X509 certificate.
    
    CVE-2019-9636
    
    Improper Handling of Unicode Encoding (with an incorrect netloc)
    during NFKC normalization resulting in information disclosure
    (credentials, cookies, etc. that are cached against a given hostname).
    A specially crafted URL could be incorrectly parsed to locate cookies
    or authentication data and send that information to a different host
    than when parsed correctly.
    
    CVE-2019-9740
    
    An issue was discovered in urllib2 where CRLF injection is possible if
    the attacker controls a url parameter, as demonstrated by the first
    argument to urllib.request.urlopen with \r\n (specifically in the
    query string after a ? character) followed by an HTTP header or a
    Redis command.
    
    CVE-2019-9947
    
    An issue was discovered in urllib2 where CRLF injection is possible if
    the attacker controls a url parameter, as demonstrated by the first
    argument to urllib.request.urlopen with \r\n (specifically in the path
    component of a URL that lacks a ? character) followed by an HTTP
    header or a Redis command. This is similar to the CVE-2019-9740 query
    string issue.
    
    CVE-2019-9948
    
    urllib supports the local_file: scheme, which makes it easier for
    remote attackers to bypass protection mechanisms that blacklist file:
    URIs, as demonstrated by triggering a
    urllib.urlopen('local_file:///etc/passwd') call.
    
    CVE-2019-10160
    
    A security regression of CVE-2019-9636 was discovered which still
    allows an attacker to exploit CVE-2019-9636 by abusing the user and
    password parts of a URL. When an application parses user-supplied URLs
    to store cookies, authentication credentials, or other kind of
    information, it is possible for an attacker to provide specially
    crafted URLs to make the application locate host-related information
    (e.g. cookies, authentication data) and send them to a different host
    than where it should, unlike if the URLs had been correctly parsed.
    The result of an attack may vary based on the application.
    
    For Debian 8 'Jessie', these problems have been fixed in version
    2.7.9-2+deb8u3.
    
    We recommend that you upgrade your python2.7 packages.
    
    NOTE: Tenable Network Security has extracted the preceding description
    block directly from the DLA security advisory. Tenable has attempted
    to automatically clean and format it as much as possible without
    introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/jessie/python2.7"
      );
      script_set_attribute(attribute:"solution", value:"Upgrade the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-9948");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:idle-python2.7");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpython2.7");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpython2.7-dbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpython2.7-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpython2.7-minimal");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpython2.7-stdlib");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpython2.7-testsuite");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python2.7");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python2.7-dbg");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python2.7-dev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python2.7-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python2.7-examples");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python2.7-minimal");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/06/24");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/06/25");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"8.0", prefix:"idle-python2.7", reference:"2.7.9-2+deb8u3")) flag++;
    if (deb_check(release:"8.0", prefix:"libpython2.7", reference:"2.7.9-2+deb8u3")) flag++;
    if (deb_check(release:"8.0", prefix:"libpython2.7-dbg", reference:"2.7.9-2+deb8u3")) flag++;
    if (deb_check(release:"8.0", prefix:"libpython2.7-dev", reference:"2.7.9-2+deb8u3")) flag++;
    if (deb_check(release:"8.0", prefix:"libpython2.7-minimal", reference:"2.7.9-2+deb8u3")) flag++;
    if (deb_check(release:"8.0", prefix:"libpython2.7-stdlib", reference:"2.7.9-2+deb8u3")) flag++;
    if (deb_check(release:"8.0", prefix:"libpython2.7-testsuite", reference:"2.7.9-2+deb8u3")) flag++;
    if (deb_check(release:"8.0", prefix:"python2.7", reference:"2.7.9-2+deb8u3")) flag++;
    if (deb_check(release:"8.0", prefix:"python2.7-dbg", reference:"2.7.9-2+deb8u3")) flag++;
    if (deb_check(release:"8.0", prefix:"python2.7-dev", reference:"2.7.9-2+deb8u3")) flag++;
    if (deb_check(release:"8.0", prefix:"python2.7-doc", reference:"2.7.9-2+deb8u3")) flag++;
    if (deb_check(release:"8.0", prefix:"python2.7-examples", reference:"2.7.9-2+deb8u3")) flag++;
    if (deb_check(release:"8.0", prefix:"python2.7-minimal", reference:"2.7.9-2+deb8u3")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4306.NASL
    descriptionMultiple security issues were discovered in Python: ElementTree failed to initialise Expat
    last seen2020-06-01
    modified2020-06-02
    plugin id117812
    published2018-09-28
    reporterThis script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/117812
    titleDebian DSA-4306-1 : python2.7 - security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-4306. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(117812);
      script_version("1.4");
      script_cvs_date("Date: 2018/12/19 13:21:17");
    
      script_cve_id("CVE-2018-1000802", "CVE-2018-1060", "CVE-2018-1061", "CVE-2018-14647");
      script_xref(name:"DSA", value:"4306");
    
      script_name(english:"Debian DSA-4306-1 : python2.7 - security update");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple security issues were discovered in Python: ElementTree failed
    to initialise Expat's hash salt, two denial of service issues were
    found in difflib and poplib and the shutil module was affected by a
    command injection vulnerability."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/source-package/python2.7"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/stretch/python2.7"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2018/dsa-4306"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the python2.7 packages.
    
    For the stable distribution (stretch), these problems have been fixed
    in version 2.7.13-2+deb9u3."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python2.7");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2018/09/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/09/28");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"9.0", prefix:"idle-python2.7", reference:"2.7.13-2+deb9u3")) flag++;
    if (deb_check(release:"9.0", prefix:"libpython2.7", reference:"2.7.13-2+deb9u3")) flag++;
    if (deb_check(release:"9.0", prefix:"libpython2.7-dbg", reference:"2.7.13-2+deb9u3")) flag++;
    if (deb_check(release:"9.0", prefix:"libpython2.7-dev", reference:"2.7.13-2+deb9u3")) flag++;
    if (deb_check(release:"9.0", prefix:"libpython2.7-minimal", reference:"2.7.13-2+deb9u3")) flag++;
    if (deb_check(release:"9.0", prefix:"libpython2.7-stdlib", reference:"2.7.13-2+deb9u3")) flag++;
    if (deb_check(release:"9.0", prefix:"libpython2.7-testsuite", reference:"2.7.13-2+deb9u3")) flag++;
    if (deb_check(release:"9.0", prefix:"python2.7", reference:"2.7.13-2+deb9u3")) flag++;
    if (deb_check(release:"9.0", prefix:"python2.7-dbg", reference:"2.7.13-2+deb9u3")) flag++;
    if (deb_check(release:"9.0", prefix:"python2.7-dev", reference:"2.7.13-2+deb9u3")) flag++;
    if (deb_check(release:"9.0", prefix:"python2.7-doc", reference:"2.7.13-2+deb9u3")) flag++;
    if (deb_check(release:"9.0", prefix:"python2.7-examples", reference:"2.7.13-2+deb9u3")) flag++;
    if (deb_check(release:"9.0", prefix:"python2.7-minimal", reference:"2.7.13-2+deb9u3")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1055.NASL
    descriptionAccording to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (CVE-2018-1061) - python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib (CVE-2018-1060) - python: Missing salt initialization in _elementtree.c module(CVE-2018-14647) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2019-02-22
    plugin id122382
    published2019-02-22
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122382
    titleEulerOS 2.0 SP2 : python (EulerOS-SA-2019-1055)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(122382);
      script_version("1.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/04");
    
      script_cve_id(
        "CVE-2018-1060",
        "CVE-2018-1061",
        "CVE-2018-14647"
      );
    
      script_name(english:"EulerOS 2.0 SP2 : python (EulerOS-SA-2019-1055)");
      script_summary(english:"Checks the rpm output for the updated packages.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote EulerOS host is missing multiple security updates.");
      script_set_attribute(attribute:"description", value:
    "According to the versions of the python packages installed, the
    EulerOS installation on the remote host is affected by the following
    vulnerabilities :
    
      - python: DOS via regular expression backtracking in
        difflib.IS_LINE_JUNK method in difflib (CVE-2018-1061)
    
      - python: DOS via regular expression catastrophic
        backtracking in apop() method in pop3lib
        (CVE-2018-1060)
    
      - python: Missing salt initialization in _elementtree.c
        module(CVE-2018-14647)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the EulerOS security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues.");
      # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1055
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e7434d4e");
      script_set_attribute(attribute:"solution", value:
    "Update the affected python packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2019/02/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/22");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:tkinter");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Huawei Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
      script_exclude_keys("Host/EulerOS/uvp_version");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/EulerOS/release");
    if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
    if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
    
    sp = get_kb_item("Host/EulerOS/sp");
    if (isnull(sp) || sp !~ "^(2)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2");
    
    uvp = get_kb_item("Host/EulerOS/uvp_version");
    if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2", "EulerOS UVP " + uvp);
    
    if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
    
    flag = 0;
    
    pkgs = ["python-2.7.5-58.h10",
            "python-devel-2.7.5-58.h10",
            "python-libs-2.7.5-58.h10",
            "tkinter-2.7.5-58.h10"];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"EulerOS-2.0", sp:"2", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python");
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-D3B53D81E6.NASL
    descriptionSecurity fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120821
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120821
    titleFedora 28 : python26 (2018-d3b53d81e6)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2018-d3b53d81e6.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(120821);
      script_version("1.4");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2018-14647");
      script_xref(name:"FEDORA", value:"2018-d3b53d81e6");
    
      script_name(english:"Fedora 28 : python26 (2018-d3b53d81e6)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Security fix for CVE-2018-14647
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-d3b53d81e6"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected python26 package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:python26");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:28");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/10/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/03");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^28([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 28", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC28", reference:"python26-2.6.9-17.fc28")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python26");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2018-3156-1.NASL
    descriptionThis update for python fixes the following issue : CVE-2018-14647: Python
    last seen2020-06-01
    modified2020-06-02
    plugin id118171
    published2018-10-17
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118171
    titleSUSE SLES11 Security Update : python (SUSE-SU-2018:3156-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2018:3156-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(118171);
      script_version("1.4");
      script_cvs_date("Date: 2019/09/10 13:51:49");
    
      script_cve_id("CVE-2018-14647");
    
      script_name(english:"SUSE SLES11 Security Update : python (SUSE-SU-2018:3156-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for python fixes the following issue :
    
    CVE-2018-14647: Python's elementtree C accelerator failed to
    initialise Expat's hash salt during initialization. This could make it
    easy to conduct denial of service attacks against Expat by
    constructing an XML document that would cause pathological hash
    collisions in Expat's internal data structures, consuming large
    amounts CPU and RAM (bsc#1109847)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1109847"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-14647/"
      );
      # https://www.suse.com/support/update/announcement/2018/suse-su-20183156-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?478b49e9"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t
    patch sdksp4-python-13818=1
    
    SUSE Linux Enterprise Server 11-SP4:zypper in -t patch
    slessp4-python-13818=1
    
    SUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch
    dbgsp4-python-13818=1"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython2_6");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython2_6-1_0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-base");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-curses");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-demo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-gdbm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-idle");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-tk");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-xml");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/25");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/10/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/10/17");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES11", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES11" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP4", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"libpython2_6-1_0-32bit-2.6.9-40.21.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"python-32bit-2.6.9-40.21.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"python-base-32bit-2.6.9-40.21.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"libpython2_6-1_0-32bit-2.6.9-40.21.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"python-32bit-2.6.9-40.21.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"python-base-32bit-2.6.9-40.21.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"libpython2_6-1_0-2.6.9-40.21.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"python-2.6.9-40.21.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"python-base-2.6.9-40.21.1")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"python-curses-2.6.9-40.21.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"python-demo-2.6.9-40.21.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"python-gdbm-2.6.9-40.21.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"python-idle-2.6.9-40.21.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"python-tk-2.6.9-40.21.2")) flag++;
    if (rpm_check(release:"SLES11", sp:"4", reference:"python-xml-2.6.9-40.21.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python");
    }
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1357.NASL
    descriptionAccording to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Python
    last seen2020-06-01
    modified2020-06-02
    plugin id124735
    published2019-05-10
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124735
    titleEulerOS Virtualization 2.5.3 : python (EulerOS-SA-2019-1357)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2018-1101.NASL
    descriptionPython
    last seen2020-06-01
    modified2020-06-02
    plugin id118805
    published2018-11-08
    reporterThis script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118805
    titleAmazon Linux AMI : python35 (ALAS-2018-1101)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-0C91CE7B3C.NASL
    descriptionUpdate legacy Python to 2.7.16. Most significant improvement is that is builds against OpenSSL 1.1.1. See [upstream release announcement](https://www.python.org/downloads/release/python-2716/) and [changelog](https://github.com/python/cpython/blob/2.7/Misc/NEWS.d/2.7 .16.rst) (+ [rc1 changelog](https://github.com/python/cpython/blob/2.7/Misc/NEWS.d/2.7. 16rc1.rst)). Fixes the following CVEs : - [CVE-2019-5010](https://access.redhat.com/security/cve/c ve-2019-5010) Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A malicious or buggy certificate can result into segfault. Vulnerability (TALOS-2018-0758) reported by Colin Read and Nicolas Edet of Cisco. - [CVE-2013-1752](https://access.redhat.com/security/cve/c ve-2013-1752): Change use of readline() in `imaplib.IMAP4_SSL` to limit line length. ([CVE-2018-14647](https://access.redhat.com/security/cve/cve-2018-1464 7) is listed in upstream changelog, but it was already backported in Fedora.) Note that Python 2 is deprecated in Fedora 30 and users are advised to switch to Python 3. Upstream support of Python 2 ends on 2020-01-01. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id124470
    published2019-05-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124470
    titleFedora 30 : python2 / python2-docs (2019-0c91ce7b3c)
  • NASL familyAmazon Linux Local Security Checks
    NASL idAL2_ALAS-2018-1132.NASL
    descriptionPython
    last seen2020-03-28
    modified2018-12-20
    plugin id119786
    published2018-12-20
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119786
    titleAmazon Linux 2 : python3 (ALAS-2018-1132)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0229_PYTHON.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python packages installed that are affected by multiple vulnerabilities: - An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability. (CVE-2019-5010) - urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen(
    last seen2020-06-01
    modified2020-06-02
    plugin id132508
    published2019-12-31
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132508
    titleNewStart CGSL CORE 5.05 / MAIN 5.05 : python Multiple Vulnerabilities (NS-SA-2019-0229)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-5ED8FB9EFA.NASL
    descriptionUpdate to 3.6.7 Security fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120458
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120458
    titleFedora 28 : python3 (2018-5ed8fb9efa)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2030.NASL
    descriptionAn update for python is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es) : * python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) * python: NULL pointer dereference using a specially crafted X509 certificate (CVE-2019-5010) * python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) * python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) * python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id127651
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127651
    titleRHEL 7 : python (RHSA-2019:2030)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-BBBD8CC3A6.NASL
    descriptionSecurity fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120744
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120744
    titleFedora 28 : python33 (2018-bbbd8cc3a6)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-1346.NASL
    descriptionThe remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1346 advisory. - python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib (CVE-2018-1060) - python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (CVE-2018-1061) - python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) - python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) - python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) - python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-04-23
    modified2020-04-07
    plugin id135247
    published2020-04-07
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135247
    titleRHEL 7 : python (RHSA-2020:1346)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1434.NASL
    descriptionAccording to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was found that Python
    last seen2020-06-01
    modified2020-06-02
    plugin id124937
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124937
    titleEulerOS Virtualization 3.0.1.0 : python (EulerOS-SA-2019-1434)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-2_0-0118_PYTHON2.NASL
    descriptionAn update of the python2 package has been released.
    last seen2020-03-17
    modified2019-02-07
    plugin id122026
    published2019-02-07
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122026
    titlePhoton OS 2.0: Python2 PHSA-2019-2.0-0118
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-292.NASL
    descriptionThis update for python fixes the following issues : Security issues fixed : - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser (bsc#1122191). - CVE-2018-14647: Fixed a denial-of-service vulnerability in Expat (bsc#1109847). Non-security issue fixed : - Fixed a bug where PyWeakReference struct was not initialized correctly leading to a crash (bsc#1073748). This update was imported from the SUSE:SLE-12-SP1:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id122642
    published2019-03-06
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122642
    titleopenSUSE Security Update : python (openSUSE-2019-292)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-71FD5DB181.NASL
    descriptionSecurity fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120526
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120526
    titleFedora 29 : python26 (2018-71fd5db181)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-4544E8DBC8.NASL
    descriptionSecurity fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120386
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120386
    titleFedora 29 : python34 (2018-4544e8dbc8)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1626.NASL
    descriptionAccording to the versions of the python packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Python
    last seen2020-06-01
    modified2020-06-02
    plugin id125578
    published2019-05-30
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125578
    titleEulerOS Virtualization for ARM 64 3.0.2.0 : python (EulerOS-SA-2019-1626)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1338.NASL
    descriptionAccording to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Python
    last seen2020-05-06
    modified2019-05-06
    plugin id124624
    published2019-05-06
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124624
    titleEulerOS 2.0 SP5 : python (EulerOS-SA-2019-1338)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2019-062-01.NASL
    descriptionNew python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id122577
    published2019-03-04
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122577
    titleSlackware 14.0 / 14.1 / 14.2 / current : python (SSA:2019-062-01)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-AC14DBF3FD.NASL
    descriptionSecurity fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120699
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120699
    titleFedora 29 : python35 (2018-ac14dbf3fd)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-2BF852F063.NASL
    descriptionSecurity fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120315
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120315
    titleFedora 28 : python2 (2018-2bf852f063)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2019-2030.NASL
    descriptionAn update for python is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es) : * python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) * python: NULL pointer dereference using a specially crafted X509 certificate (CVE-2019-5010) * python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) * python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) * python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id128333
    published2019-08-30
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128333
    titleCentOS 7 : python (CESA-2019:2030)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2018-1132.NASL
    descriptionPython
    last seen2020-03-28
    modified2018-12-21
    plugin id119812
    published2018-12-21
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119812
    titleAmazon Linux AMI : python34 / python36 (ALAS-2018-1132)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-EE97FC9E81.NASL
    descriptionSecurity fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120887
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120887
    titleFedora 29 : python2 (2018-ee97fc9e81)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-937E8A39C4.NASL
    descriptionUpdated to 3.6.7, including security fix for CVE-2018-14647. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120624
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120624
    titleFedora 29 : python36 (2018-937e8a39c4)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-0234-1.NASL
    descriptionThis update for python fixes the following issues : Updated to version 2.7.17 to unify packages among openSUSE:Factory and SLE versions (bsc#1159035). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id133259
    published2020-01-27
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133259
    titleSUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2020:0234-1) (BEAST) (httpoxy)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20190806_PYTHON_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) - python: NULL pointer dereference using a specially crafted X509 certificate (CVE-2019-5010) - python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) - python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) - python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948)
    last seen2020-03-18
    modified2019-08-27
    plugin id128254
    published2019-08-27
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128254
    titleScientific Linux Security Update : python on SL7.x x86_64 (20190806)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2019.NASL
    descriptionAccording to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A security regression of CVE-2019-9636 was discovered in python, since commit d537ab0ff9767ef024f26246899728f0116b1ec3, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application.(CVE-2019-10160) - urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen(
    last seen2020-05-08
    modified2019-09-24
    plugin id129212
    published2019-09-24
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129212
    titleEulerOS 2.0 SP3 : python (EulerOS-SA-2019-2019)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-0114-1.NASL
    descriptionThis update for python3 to version 3.6.10 fixes the following issues : CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk() (bsc#1083507). CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ (bsc#1149955). CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat (bsc#1149429). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id133036
    published2020-01-17
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133036
    titleSUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2020:0114-1) (BEAST) (httpoxy)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-B6DE5FC905.NASL
    descriptionSecurity fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2018-10-22
    plugin id118241
    published2018-10-22
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118241
    titleFedora 27 : python2 (2018-b6de5fc905)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2020-86.NASL
    descriptionThis update for python3 to version 3.6.10 fixes the following issues : - CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk() (bsc#1083507). - CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ (bsc#1149955). - CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat (bsc#1149429). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id133172
    published2020-01-22
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133172
    titleopenSUSE Security Update : python3 (openSUSE-2020-86) (BEAST) (httpoxy)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2053-1.NASL
    descriptionThis update for python3 fixes the following issues : CVE-2019-10160: Fixed a regression in urlparse() and urlsplit() introduced by the fix for CVE-2019-9636 (bsc#1138459). CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document (bsc#1109847). CVE-2018-1000802: Fixed a command injection in the shutil module (bsc#1109663). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id127768
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127768
    titleSUSE SLED12 / SLES12 Security Update : python3 (SUSE-SU-2019:2053-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-7689556AB2.NASL
    descriptionSecurity fix for CVE-2018-14647 (#1631822) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120539
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120539
    titleFedora 28 : python35 (2018-7689556ab2)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2053-2.NASL
    descriptionThis update for python3 fixes the following issues : CVE-2019-10160: Fixed a regression in urlparse() and urlsplit() introduced by the fix for CVE-2019-9636 (bsc#1138459). CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document (bsc#1109847). CVE-2018-1000802: Fixed a command injection in the shutil module (bsc#1109663). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id128019
    published2019-08-20
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128019
    titleSUSE SLES12 Security Update : python3 (SUSE-SU-2019:2053-2)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-1462.NASL
    descriptionThe remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1462 advisory. - python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) - python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) - python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) - python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-04-23
    modified2020-04-14
    plugin id135459
    published2020-04-14
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135459
    titleRHEL 7 : python (RHSA-2020:1462)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-A2C1453607.NASL
    descriptionSecurity fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2018-10-26
    plugin id118410
    published2018-10-26
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118410
    titleFedora 27 : python35 (2018-a2c1453607)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-28EA2290AD.NASL
    descriptionSecurity fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2018-11-13
    plugin id118896
    published2018-11-13
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118896
    titleFedora 27 : python33 (2018-28ea2290ad)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-1_0-0203_PYTHON2.NASL
    descriptionAn update of the python2 package has been released.
    last seen2020-03-17
    modified2019-02-07
    plugin id122018
    published2019-02-07
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122018
    titlePhoton OS 1.0: Python2 PHSA-2019-1.0-0203
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4307.NASL
    descriptionMultiple security issues were discovered in Python: ElementTree failed to initialise Expat
    last seen2020-06-01
    modified2020-06-02
    plugin id117838
    published2018-10-01
    reporterThis script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/117838
    titleDebian DSA-4307-1 : python3.5 - security update
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-49D6E4BC3F.NASL
    descriptionUpdate to 3.7.1 ---- Security fix for CVE-2018-14647 (#1631822) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120395
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120395
    titleFedora 28 : python37 (2018-49d6e4bc3f)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-1268.NASL
    descriptionThe remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1268 advisory. - python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib (CVE-2018-1060) - python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (CVE-2018-1061) - python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) - python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) - python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) - python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-04-23
    modified2020-04-01
    plugin id135089
    published2020-04-01
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135089
    titleRHEL 7 : python (RHSA-2020:1268)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-14526CBEBE.NASL
    descriptionSecurity fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2018-10-26
    plugin id118409
    published2018-10-26
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/118409
    titleFedora 27 : python26 (2018-14526cbebe)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-9860917DB0.NASL
    descriptionUpdate to 3.7.1, Security fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120640
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120640
    titleFedora 29 : python3 (2018-9860917db0)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0187_PYTHON.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python packages installed that are affected by multiple vulnerabilities: - Python
    last seen2020-06-01
    modified2020-06-02
    plugin id129884
    published2019-10-15
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129884
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : python Multiple Vulnerabilities (NS-SA-2019-0187)

Redhat

advisories
  • rhsa
    idRHSA-2019:1260
  • rhsa
    idRHSA-2019:2030
  • rhsa
    idRHSA-2019:3725
rpms
  • python27-python-0:2.7.16-4.el6
  • python27-python-0:2.7.16-4.el7
  • python27-python-debug-0:2.7.16-4.el6
  • python27-python-debug-0:2.7.16-4.el7
  • python27-python-debuginfo-0:2.7.16-4.el6
  • python27-python-debuginfo-0:2.7.16-4.el7
  • python27-python-devel-0:2.7.16-4.el6
  • python27-python-devel-0:2.7.16-4.el7
  • python27-python-jinja2-0:2.6-12.el6
  • python27-python-jinja2-0:2.6-15.el7
  • python27-python-libs-0:2.7.16-4.el6
  • python27-python-libs-0:2.7.16-4.el7
  • python27-python-test-0:2.7.16-4.el6
  • python27-python-test-0:2.7.16-4.el7
  • python27-python-tools-0:2.7.16-4.el6
  • python27-python-tools-0:2.7.16-4.el7
  • python27-tkinter-0:2.7.16-4.el6
  • python27-tkinter-0:2.7.16-4.el7
  • python-0:2.7.5-86.el7
  • python-debug-0:2.7.5-86.el7
  • python-debuginfo-0:2.7.5-86.el7
  • python-devel-0:2.7.5-86.el7
  • python-libs-0:2.7.5-86.el7
  • python-test-0:2.7.5-86.el7
  • python-tools-0:2.7.5-86.el7
  • tkinter-0:2.7.5-86.el7
  • rh-python36-python-0:3.6.9-2.el6
  • rh-python36-python-0:3.6.9-2.el7
  • rh-python36-python-debug-0:3.6.9-2.el6
  • rh-python36-python-debug-0:3.6.9-2.el7
  • rh-python36-python-debuginfo-0:3.6.9-2.el6
  • rh-python36-python-debuginfo-0:3.6.9-2.el7
  • rh-python36-python-devel-0:3.6.9-2.el6
  • rh-python36-python-devel-0:3.6.9-2.el7
  • rh-python36-python-libs-0:3.6.9-2.el6
  • rh-python36-python-libs-0:3.6.9-2.el7
  • rh-python36-python-test-0:3.6.9-2.el6
  • rh-python36-python-test-0:3.6.9-2.el7
  • rh-python36-python-tkinter-0:3.6.9-2.el6
  • rh-python36-python-tkinter-0:3.6.9-2.el7
  • rh-python36-python-tools-0:3.6.9-2.el6
  • rh-python36-python-tools-0:3.6.9-2.el7
  • python-0:2.7.5-74.el7_5
  • python-debug-0:2.7.5-74.el7_5
  • python-debuginfo-0:2.7.5-74.el7_5
  • python-devel-0:2.7.5-74.el7_5
  • python-libs-0:2.7.5-74.el7_5
  • python-test-0:2.7.5-74.el7_5
  • python-tools-0:2.7.5-74.el7_5
  • tkinter-0:2.7.5-74.el7_5
  • python-0:2.7.5-63.el7_4
  • python-debug-0:2.7.5-63.el7_4
  • python-debuginfo-0:2.7.5-63.el7_4
  • python-devel-0:2.7.5-63.el7_4
  • python-libs-0:2.7.5-63.el7_4
  • python-test-0:2.7.5-63.el7_4
  • python-tools-0:2.7.5-63.el7_4
  • tkinter-0:2.7.5-63.el7_4
  • python-0:2.7.5-83.el7_6
  • python-debug-0:2.7.5-83.el7_6
  • python-debuginfo-0:2.7.5-83.el7_6
  • python-devel-0:2.7.5-83.el7_6
  • python-libs-0:2.7.5-83.el7_6
  • python-test-0:2.7.5-83.el7_6
  • python-tools-0:2.7.5-83.el7_6
  • tkinter-0:2.7.5-83.el7_6

References