Vulnerabilities > CVE-2018-14647 - Missing Initialization of Resource vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-3817-1.NASL description It was discovered that Python incorrectly handled large amounts of data. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-1000030) It was discovered that Python incorrectly handled running external commands in the shutil module. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-1000802) It was discovered that Python incorrectly used regular expressions vulnerable to catastrophic backtracking. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-1060, CVE-2018-1061) It was discovered that Python failed to initialize Expat last seen 2020-06-01 modified 2020-06-02 plugin id 118954 published 2018-11-14 reporter Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118954 title Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : python2.7, python3.4, python3.5 vulnerabilities (USN-3817-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-3817-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(118954); script_version("1.3"); script_cvs_date("Date: 2019/09/18 12:31:48"); script_cve_id("CVE-2018-1000030", "CVE-2018-1000802", "CVE-2018-1060", "CVE-2018-1061", "CVE-2018-14647"); script_xref(name:"USN", value:"3817-1"); script_name(english:"Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : python2.7, python3.4, python3.5 vulnerabilities (USN-3817-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "It was discovered that Python incorrectly handled large amounts of data. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-1000030) It was discovered that Python incorrectly handled running external commands in the shutil module. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-1000802) It was discovered that Python incorrectly used regular expressions vulnerable to catastrophic backtracking. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-1060, CVE-2018-1061) It was discovered that Python failed to initialize Expat's hash salt. A remote attacker could possibly use this issue to cause hash collisions, leading to a denial of service. (CVE-2018-14647). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/3817-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.7"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python2.7-minimal"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python3.4"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python3.4-minimal"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python3.5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:python3.5-minimal"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/02/08"); script_set_attribute(attribute:"patch_publication_date", value:"2018/11/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/11/14"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(14\.04|16\.04|18\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 14.04 / 16.04 / 18.04", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"14.04", pkgname:"python2.7", pkgver:"2.7.6-8ubuntu0.5")) flag++; if (ubuntu_check(osver:"14.04", pkgname:"python2.7-minimal", pkgver:"2.7.6-8ubuntu0.5")) flag++; if (ubuntu_check(osver:"14.04", pkgname:"python3.4", pkgver:"3.4.3-1ubuntu1~14.04.7")) flag++; if (ubuntu_check(osver:"14.04", pkgname:"python3.4-minimal", pkgver:"3.4.3-1ubuntu1~14.04.7")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"python2.7", pkgver:"2.7.12-1ubuntu0~16.04.4")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"python2.7-minimal", pkgver:"2.7.12-1ubuntu0~16.04.4")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"python3.5", pkgver:"3.5.2-2ubuntu0~16.04.5")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"python3.5-minimal", pkgver:"3.5.2-2ubuntu0~16.04.5")) flag++; if (ubuntu_check(osver:"18.04", pkgname:"python2.7", pkgver:"2.7.15~rc1-1ubuntu0.1")) flag++; if (ubuntu_check(osver:"18.04", pkgname:"python2.7-minimal", pkgver:"2.7.15~rc1-1ubuntu0.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python2.7 / python2.7-minimal / python3.4 / python3.4-minimal / etc"); }NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-0482-1.NASL description This update for python fixes the following issues : Security issues fixed : CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser (bsc#1122191). CVE-2018-14647: Fixed a denial-of-service vulnerability in Expat (bsc#1109847). Non-security issue fixed: Fixed a bug where PyWeakReference struct was not initialized correctly leading to a crash (bsc#1073748). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 122446 published 2019-02-26 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122446 title SUSE SLED12 / SLES12 Security Update : python (SUSE-SU-2019:0482-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2019:0482-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(122446); script_version("1.3"); script_cvs_date("Date: 2020/02/07"); script_cve_id("CVE-2018-14647", "CVE-2019-5010"); script_name(english:"SUSE SLED12 / SLES12 Security Update : python (SUSE-SU-2019:0482-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for python fixes the following issues : Security issues fixed : CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser (bsc#1122191). CVE-2018-14647: Fixed a denial-of-service vulnerability in Expat (bsc#1109847). Non-security issue fixed: Fixed a bug where PyWeakReference struct was not initialized correctly leading to a crash (bsc#1073748). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1073748" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1109847" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1122191" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14647/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-5010/" ); # https://www.suse.com/support/update/announcement/2019/suse-su-20190482-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?2d7e1e60" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE OpenStack Cloud 7:zypper in -t patch SUSE-OpenStack-Cloud-7-2019-482=1 SUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch SUSE-SLE-WE-12-SP4-2019-482=1 SUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch SUSE-SLE-WE-12-SP3-2019-482=1 SUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t patch SUSE-SLE-SDK-12-SP4-2019-482=1 SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t patch SUSE-SLE-SDK-12-SP3-2019-482=1 SUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch SUSE-SLE-SAP-12-SP2-2019-482=1 SUSE Linux Enterprise Server 12-SP4:zypper in -t patch SUSE-SLE-SERVER-12-SP4-2019-482=1 SUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2019-482=1 SUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2019-482=1 SUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2019-482=1 SUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2019-482=1 SUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch SUSE-SLE-DESKTOP-12-SP4-2019-482=1 SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2019-482=1 SUSE Enterprise Storage 5:zypper in -t patch SUSE-Storage-5-2019-482=1 SUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2019-482=1 SUSE CaaS Platform ALL : To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. SUSE CaaS Platform 3.0 : To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-482=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython2_7"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython2_7-1_0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython2_7-1_0-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-base-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-base-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-curses"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-curses-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-demo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-gdbm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-gdbm-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-idle"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-tk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-tk-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-xml"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-xml-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/25"); script_set_attribute(attribute:"patch_publication_date", value:"2019/02/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/26"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES12" && (! preg(pattern:"^(1|2|3|4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP1/2/3/4", os_ver + " SP" + sp); if (os_ver == "SLED12" && (! preg(pattern:"^(3|4)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP3/4", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES12", sp:"1", reference:"libpython2_7-1_0-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libpython2_7-1_0-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-base-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-base-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-base-debugsource-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-curses-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-curses-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-debugsource-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-demo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-devel-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-gdbm-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-gdbm-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-idle-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-tk-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-tk-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-xml-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-xml-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libpython2_7-1_0-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"libpython2_7-1_0-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-base-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-base-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"1", reference:"python-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"libpython2_7-1_0-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"libpython2_7-1_0-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-base-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-base-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-base-debugsource-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-curses-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-curses-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-debugsource-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-demo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-gdbm-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-gdbm-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-idle-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-tk-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-tk-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-xml-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-xml-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"libpython2_7-1_0-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"libpython2_7-1_0-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-base-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-base-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"4", reference:"python-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libpython2_7-1_0-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libpython2_7-1_0-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-base-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-base-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-base-debugsource-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-curses-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-curses-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-debugsource-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-demo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-gdbm-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-gdbm-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-idle-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-tk-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-tk-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-xml-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-xml-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libpython2_7-1_0-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libpython2_7-1_0-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-base-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-base-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libpython2_7-1_0-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libpython2_7-1_0-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libpython2_7-1_0-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libpython2_7-1_0-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-base-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-base-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-base-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-base-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-base-debugsource-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-curses-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-curses-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-debugsource-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-demo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-gdbm-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-gdbm-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-idle-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-tk-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-tk-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-xml-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-xml-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libpython2_7-1_0-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libpython2_7-1_0-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-base-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-base-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-base-debugsource-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-curses-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-curses-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-debugsource-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-demo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-gdbm-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-gdbm-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-idle-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-tk-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-tk-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-xml-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-xml-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libpython2_7-1_0-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libpython2_7-1_0-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-base-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-base-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libpython2_7-1_0-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libpython2_7-1_0-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libpython2_7-1_0-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libpython2_7-1_0-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-base-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-base-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-base-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-base-debugsource-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-curses-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-curses-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-debugsource-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-devel-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-tk-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-tk-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-xml-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"python-xml-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libpython2_7-1_0-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libpython2_7-1_0-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libpython2_7-1_0-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libpython2_7-1_0-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-base-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-base-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-base-debuginfo-32bit-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-base-debugsource-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-curses-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-curses-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-debugsource-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-devel-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-tk-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-tk-debuginfo-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-xml-2.7.13-28.21.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-xml-debuginfo-2.7.13-28.21.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python"); }NASL family Debian Local Security Checks NASL id DEBIAN_DLA-1834.NASL description Multiple vulnerabilities were discovered in Python, an interactive high-level object-oriented language, including CVE-2018-14647 Python last seen 2020-06-01 modified 2020-06-02 plugin id 126222 published 2019-06-25 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/126222 title Debian DLA-1834-1 : python2.7 security update code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DLA-1834-1. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(126222); script_version("1.3"); script_cvs_date("Date: 2020/01/10"); script_cve_id("CVE-2018-14647", "CVE-2019-10160", "CVE-2019-5010", "CVE-2019-9636", "CVE-2019-9740", "CVE-2019-9947", "CVE-2019-9948"); script_name(english:"Debian DLA-1834-1 : python2.7 security update"); script_summary(english:"Checks dpkg output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security update." ); script_set_attribute( attribute:"description", value: "Multiple vulnerabilities were discovered in Python, an interactive high-level object-oriented language, including CVE-2018-14647 Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming large amounts CPU and RAM. CVE-2019-5010 NULL pointer dereference using a specially crafted X509 certificate. CVE-2019-9636 Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization resulting in information disclosure (credentials, cookies, etc. that are cached against a given hostname). A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. CVE-2019-9740 An issue was discovered in urllib2 where CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the query string after a ? character) followed by an HTTP header or a Redis command. CVE-2019-9947 An issue was discovered in urllib2 where CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue. CVE-2019-9948 urllib supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call. CVE-2019-10160 A security regression of CVE-2019-9636 was discovered which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application. For Debian 8 'Jessie', these problems have been fixed in version 2.7.9-2+deb8u3. We recommend that you upgrade your python2.7 packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/jessie/python2.7" ); script_set_attribute(attribute:"solution", value:"Upgrade the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-9948"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:idle-python2.7"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpython2.7"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpython2.7-dbg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpython2.7-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpython2.7-minimal"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpython2.7-stdlib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libpython2.7-testsuite"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python2.7"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python2.7-dbg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python2.7-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python2.7-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python2.7-examples"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python2.7-minimal"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/25"); script_set_attribute(attribute:"patch_publication_date", value:"2019/06/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/06/25"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"8.0", prefix:"idle-python2.7", reference:"2.7.9-2+deb8u3")) flag++; if (deb_check(release:"8.0", prefix:"libpython2.7", reference:"2.7.9-2+deb8u3")) flag++; if (deb_check(release:"8.0", prefix:"libpython2.7-dbg", reference:"2.7.9-2+deb8u3")) flag++; if (deb_check(release:"8.0", prefix:"libpython2.7-dev", reference:"2.7.9-2+deb8u3")) flag++; if (deb_check(release:"8.0", prefix:"libpython2.7-minimal", reference:"2.7.9-2+deb8u3")) flag++; if (deb_check(release:"8.0", prefix:"libpython2.7-stdlib", reference:"2.7.9-2+deb8u3")) flag++; if (deb_check(release:"8.0", prefix:"libpython2.7-testsuite", reference:"2.7.9-2+deb8u3")) flag++; if (deb_check(release:"8.0", prefix:"python2.7", reference:"2.7.9-2+deb8u3")) flag++; if (deb_check(release:"8.0", prefix:"python2.7-dbg", reference:"2.7.9-2+deb8u3")) flag++; if (deb_check(release:"8.0", prefix:"python2.7-dev", reference:"2.7.9-2+deb8u3")) flag++; if (deb_check(release:"8.0", prefix:"python2.7-doc", reference:"2.7.9-2+deb8u3")) flag++; if (deb_check(release:"8.0", prefix:"python2.7-examples", reference:"2.7.9-2+deb8u3")) flag++; if (deb_check(release:"8.0", prefix:"python2.7-minimal", reference:"2.7.9-2+deb8u3")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4306.NASL description Multiple security issues were discovered in Python: ElementTree failed to initialise Expat last seen 2020-06-01 modified 2020-06-02 plugin id 117812 published 2018-09-28 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117812 title Debian DSA-4306-1 : python2.7 - security update code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-4306. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(117812); script_version("1.4"); script_cvs_date("Date: 2018/12/19 13:21:17"); script_cve_id("CVE-2018-1000802", "CVE-2018-1060", "CVE-2018-1061", "CVE-2018-14647"); script_xref(name:"DSA", value:"4306"); script_name(english:"Debian DSA-4306-1 : python2.7 - security update"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Multiple security issues were discovered in Python: ElementTree failed to initialise Expat's hash salt, two denial of service issues were found in difflib and poplib and the shutil module was affected by a command injection vulnerability." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/python2.7" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/stretch/python2.7" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2018/dsa-4306" ); script_set_attribute( attribute:"solution", value: "Upgrade the python2.7 packages. For the stable distribution (stretch), these problems have been fixed in version 2.7.13-2+deb9u3." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:python2.7"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0"); script_set_attribute(attribute:"patch_publication_date", value:"2018/09/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/09/28"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"9.0", prefix:"idle-python2.7", reference:"2.7.13-2+deb9u3")) flag++; if (deb_check(release:"9.0", prefix:"libpython2.7", reference:"2.7.13-2+deb9u3")) flag++; if (deb_check(release:"9.0", prefix:"libpython2.7-dbg", reference:"2.7.13-2+deb9u3")) flag++; if (deb_check(release:"9.0", prefix:"libpython2.7-dev", reference:"2.7.13-2+deb9u3")) flag++; if (deb_check(release:"9.0", prefix:"libpython2.7-minimal", reference:"2.7.13-2+deb9u3")) flag++; if (deb_check(release:"9.0", prefix:"libpython2.7-stdlib", reference:"2.7.13-2+deb9u3")) flag++; if (deb_check(release:"9.0", prefix:"libpython2.7-testsuite", reference:"2.7.13-2+deb9u3")) flag++; if (deb_check(release:"9.0", prefix:"python2.7", reference:"2.7.13-2+deb9u3")) flag++; if (deb_check(release:"9.0", prefix:"python2.7-dbg", reference:"2.7.13-2+deb9u3")) flag++; if (deb_check(release:"9.0", prefix:"python2.7-dev", reference:"2.7.13-2+deb9u3")) flag++; if (deb_check(release:"9.0", prefix:"python2.7-doc", reference:"2.7.13-2+deb9u3")) flag++; if (deb_check(release:"9.0", prefix:"python2.7-examples", reference:"2.7.13-2+deb9u3")) flag++; if (deb_check(release:"9.0", prefix:"python2.7-minimal", reference:"2.7.13-2+deb9u3")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1055.NASL description According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (CVE-2018-1061) - python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib (CVE-2018-1060) - python: Missing salt initialization in _elementtree.c module(CVE-2018-14647) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2019-02-22 plugin id 122382 published 2019-02-22 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122382 title EulerOS 2.0 SP2 : python (EulerOS-SA-2019-1055) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(122382); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/04"); script_cve_id( "CVE-2018-1060", "CVE-2018-1061", "CVE-2018-14647" ); script_name(english:"EulerOS 2.0 SP2 : python (EulerOS-SA-2019-1055)"); script_summary(english:"Checks the rpm output for the updated packages."); script_set_attribute(attribute:"synopsis", value: "The remote EulerOS host is missing multiple security updates."); script_set_attribute(attribute:"description", value: "According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (CVE-2018-1061) - python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib (CVE-2018-1060) - python: Missing salt initialization in _elementtree.c module(CVE-2018-14647) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."); # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1055 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e7434d4e"); script_set_attribute(attribute:"solution", value: "Update the affected python packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"patch_publication_date", value:"2019/02/22"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/22"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:tkinter"); script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Huawei Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp"); script_exclude_keys("Host/EulerOS/uvp_version"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/EulerOS/release"); if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS"); if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0"); sp = get_kb_item("Host/EulerOS/sp"); if (isnull(sp) || sp !~ "^(2)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2"); uvp = get_kb_item("Host/EulerOS/uvp_version"); if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP2", "EulerOS UVP " + uvp); if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu); flag = 0; pkgs = ["python-2.7.5-58.h10", "python-devel-2.7.5-58.h10", "python-libs-2.7.5-58.h10", "tkinter-2.7.5-58.h10"]; foreach (pkg in pkgs) if (rpm_check(release:"EulerOS-2.0", sp:"2", reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python"); }NASL family Fedora Local Security Checks NASL id FEDORA_2018-D3B53D81E6.NASL description Security fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2019-01-03 plugin id 120821 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120821 title Fedora 28 : python26 (2018-d3b53d81e6) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2018-d3b53d81e6. # include("compat.inc"); if (description) { script_id(120821); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2018-14647"); script_xref(name:"FEDORA", value:"2018-d3b53d81e6"); script_name(english:"Fedora 28 : python26 (2018-d3b53d81e6)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Security fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-d3b53d81e6" ); script_set_attribute( attribute:"solution", value:"Update the affected python26 package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:python26"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:28"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/25"); script_set_attribute(attribute:"patch_publication_date", value:"2018/10/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/03"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^28([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 28", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC28", reference:"python26-2.6.9-17.fc28")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python26"); }NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-3156-1.NASL description This update for python fixes the following issue : CVE-2018-14647: Python last seen 2020-06-01 modified 2020-06-02 plugin id 118171 published 2018-10-17 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118171 title SUSE SLES11 Security Update : python (SUSE-SU-2018:3156-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2018:3156-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(118171); script_version("1.4"); script_cvs_date("Date: 2019/09/10 13:51:49"); script_cve_id("CVE-2018-14647"); script_name(english:"SUSE SLES11 Security Update : python (SUSE-SU-2018:3156-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for python fixes the following issue : CVE-2018-14647: Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming large amounts CPU and RAM (bsc#1109847) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1109847" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14647/" ); # https://www.suse.com/support/update/announcement/2018/suse-su-20183156-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?478b49e9" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t patch sdksp4-python-13818=1 SUSE Linux Enterprise Server 11-SP4:zypper in -t patch slessp4-python-13818=1 SUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch dbgsp4-python-13818=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython2_6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpython2_6-1_0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-curses"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-demo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-gdbm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-idle"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-tk"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-xml"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/25"); script_set_attribute(attribute:"patch_publication_date", value:"2018/10/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/10/17"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES11", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES11" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP4", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"libpython2_6-1_0-32bit-2.6.9-40.21.1")) flag++; if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"python-32bit-2.6.9-40.21.2")) flag++; if (rpm_check(release:"SLES11", sp:"4", cpu:"x86_64", reference:"python-base-32bit-2.6.9-40.21.1")) flag++; if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"libpython2_6-1_0-32bit-2.6.9-40.21.1")) flag++; if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"python-32bit-2.6.9-40.21.2")) flag++; if (rpm_check(release:"SLES11", sp:"4", cpu:"s390x", reference:"python-base-32bit-2.6.9-40.21.1")) flag++; if (rpm_check(release:"SLES11", sp:"4", reference:"libpython2_6-1_0-2.6.9-40.21.1")) flag++; if (rpm_check(release:"SLES11", sp:"4", reference:"python-2.6.9-40.21.2")) flag++; if (rpm_check(release:"SLES11", sp:"4", reference:"python-base-2.6.9-40.21.1")) flag++; if (rpm_check(release:"SLES11", sp:"4", reference:"python-curses-2.6.9-40.21.2")) flag++; if (rpm_check(release:"SLES11", sp:"4", reference:"python-demo-2.6.9-40.21.2")) flag++; if (rpm_check(release:"SLES11", sp:"4", reference:"python-gdbm-2.6.9-40.21.2")) flag++; if (rpm_check(release:"SLES11", sp:"4", reference:"python-idle-2.6.9-40.21.2")) flag++; if (rpm_check(release:"SLES11", sp:"4", reference:"python-tk-2.6.9-40.21.2")) flag++; if (rpm_check(release:"SLES11", sp:"4", reference:"python-xml-2.6.9-40.21.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python"); }NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1357.NASL description According to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Python last seen 2020-06-01 modified 2020-06-02 plugin id 124735 published 2019-05-10 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124735 title EulerOS Virtualization 2.5.3 : python (EulerOS-SA-2019-1357) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2018-1101.NASL description Python last seen 2020-06-01 modified 2020-06-02 plugin id 118805 published 2018-11-08 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118805 title Amazon Linux AMI : python35 (ALAS-2018-1101) NASL family Fedora Local Security Checks NASL id FEDORA_2019-0C91CE7B3C.NASL description Update legacy Python to 2.7.16. Most significant improvement is that is builds against OpenSSL 1.1.1. See [upstream release announcement](https://www.python.org/downloads/release/python-2716/) and [changelog](https://github.com/python/cpython/blob/2.7/Misc/NEWS.d/2.7 .16.rst) (+ [rc1 changelog](https://github.com/python/cpython/blob/2.7/Misc/NEWS.d/2.7. 16rc1.rst)). Fixes the following CVEs : - [CVE-2019-5010](https://access.redhat.com/security/cve/c ve-2019-5010) Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A malicious or buggy certificate can result into segfault. Vulnerability (TALOS-2018-0758) reported by Colin Read and Nicolas Edet of Cisco. - [CVE-2013-1752](https://access.redhat.com/security/cve/c ve-2013-1752): Change use of readline() in `imaplib.IMAP4_SSL` to limit line length. ([CVE-2018-14647](https://access.redhat.com/security/cve/cve-2018-1464 7) is listed in upstream changelog, but it was already backported in Fedora.) Note that Python 2 is deprecated in Fedora 30 and users are advised to switch to Python 3. Upstream support of Python 2 ends on 2020-01-01. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 124470 published 2019-05-02 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124470 title Fedora 30 : python2 / python2-docs (2019-0c91ce7b3c) NASL family Amazon Linux Local Security Checks NASL id AL2_ALAS-2018-1132.NASL description Python last seen 2020-03-28 modified 2018-12-20 plugin id 119786 published 2018-12-20 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/119786 title Amazon Linux 2 : python3 (ALAS-2018-1132) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0229_PYTHON.NASL description The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python packages installed that are affected by multiple vulnerabilities: - An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability. (CVE-2019-5010) - urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen( last seen 2020-06-01 modified 2020-06-02 plugin id 132508 published 2019-12-31 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/132508 title NewStart CGSL CORE 5.05 / MAIN 5.05 : python Multiple Vulnerabilities (NS-SA-2019-0229) NASL family Fedora Local Security Checks NASL id FEDORA_2018-5ED8FB9EFA.NASL description Update to 3.6.7 Security fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2019-01-03 plugin id 120458 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120458 title Fedora 28 : python3 (2018-5ed8fb9efa) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2019-2030.NASL description An update for python is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es) : * python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) * python: NULL pointer dereference using a specially crafted X509 certificate (CVE-2019-5010) * python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) * python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) * python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 127651 published 2019-08-12 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127651 title RHEL 7 : python (RHSA-2019:2030) NASL family Fedora Local Security Checks NASL id FEDORA_2018-BBBD8CC3A6.NASL description Security fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2019-01-03 plugin id 120744 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120744 title Fedora 28 : python33 (2018-bbbd8cc3a6) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1346.NASL description The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1346 advisory. - python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib (CVE-2018-1060) - python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (CVE-2018-1061) - python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) - python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) - python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) - python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-23 modified 2020-04-07 plugin id 135247 published 2020-04-07 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135247 title RHEL 7 : python (RHSA-2020:1346) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1434.NASL description According to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was found that Python last seen 2020-06-01 modified 2020-06-02 plugin id 124937 published 2019-05-14 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124937 title EulerOS Virtualization 3.0.1.0 : python (EulerOS-SA-2019-1434) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2019-2_0-0118_PYTHON2.NASL description An update of the python2 package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 122026 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122026 title Photon OS 2.0: Python2 PHSA-2019-2.0-0118 NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-292.NASL description This update for python fixes the following issues : Security issues fixed : - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser (bsc#1122191). - CVE-2018-14647: Fixed a denial-of-service vulnerability in Expat (bsc#1109847). Non-security issue fixed : - Fixed a bug where PyWeakReference struct was not initialized correctly leading to a crash (bsc#1073748). This update was imported from the SUSE:SLE-12-SP1:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 122642 published 2019-03-06 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122642 title openSUSE Security Update : python (openSUSE-2019-292) NASL family Fedora Local Security Checks NASL id FEDORA_2018-71FD5DB181.NASL description Security fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2019-01-03 plugin id 120526 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120526 title Fedora 29 : python26 (2018-71fd5db181) NASL family Fedora Local Security Checks NASL id FEDORA_2018-4544E8DBC8.NASL description Security fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2019-01-03 plugin id 120386 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120386 title Fedora 29 : python34 (2018-4544e8dbc8) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1626.NASL description According to the versions of the python packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Python last seen 2020-06-01 modified 2020-06-02 plugin id 125578 published 2019-05-30 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/125578 title EulerOS Virtualization for ARM 64 3.0.2.0 : python (EulerOS-SA-2019-1626) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1338.NASL description According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Python last seen 2020-05-06 modified 2019-05-06 plugin id 124624 published 2019-05-06 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124624 title EulerOS 2.0 SP5 : python (EulerOS-SA-2019-1338) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2019-062-01.NASL description New python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 122577 published 2019-03-04 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122577 title Slackware 14.0 / 14.1 / 14.2 / current : python (SSA:2019-062-01) NASL family Fedora Local Security Checks NASL id FEDORA_2018-AC14DBF3FD.NASL description Security fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2019-01-03 plugin id 120699 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120699 title Fedora 29 : python35 (2018-ac14dbf3fd) NASL family Fedora Local Security Checks NASL id FEDORA_2018-2BF852F063.NASL description Security fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2019-01-03 plugin id 120315 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120315 title Fedora 28 : python2 (2018-2bf852f063) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2019-2030.NASL description An update for python is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es) : * python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) * python: NULL pointer dereference using a specially crafted X509 certificate (CVE-2019-5010) * python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) * python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) * python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section. last seen 2020-06-01 modified 2020-06-02 plugin id 128333 published 2019-08-30 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128333 title CentOS 7 : python (CESA-2019:2030) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2018-1132.NASL description Python last seen 2020-03-28 modified 2018-12-21 plugin id 119812 published 2018-12-21 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/119812 title Amazon Linux AMI : python34 / python36 (ALAS-2018-1132) NASL family Fedora Local Security Checks NASL id FEDORA_2018-EE97FC9E81.NASL description Security fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2019-01-03 plugin id 120887 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120887 title Fedora 29 : python2 (2018-ee97fc9e81) NASL family Fedora Local Security Checks NASL id FEDORA_2018-937E8A39C4.NASL description Updated to 3.6.7, including security fix for CVE-2018-14647. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2019-01-03 plugin id 120624 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120624 title Fedora 29 : python36 (2018-937e8a39c4) NASL family SuSE Local Security Checks NASL id SUSE_SU-2020-0234-1.NASL description This update for python fixes the following issues : Updated to version 2.7.17 to unify packages among openSUSE:Factory and SLE versions (bsc#1159035). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 133259 published 2020-01-27 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133259 title SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2020:0234-1) (BEAST) (httpoxy) NASL family Scientific Linux Local Security Checks NASL id SL_20190806_PYTHON_ON_SL7_X.NASL description Security Fix(es) : - python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) - python: NULL pointer dereference using a specially crafted X509 certificate (CVE-2019-5010) - python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) - python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) - python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) last seen 2020-03-18 modified 2019-08-27 plugin id 128254 published 2019-08-27 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128254 title Scientific Linux Security Update : python on SL7.x x86_64 (20190806) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-2019.NASL description According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A security regression of CVE-2019-9636 was discovered in python, since commit d537ab0ff9767ef024f26246899728f0116b1ec3, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application.(CVE-2019-10160) - urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen( last seen 2020-05-08 modified 2019-09-24 plugin id 129212 published 2019-09-24 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129212 title EulerOS 2.0 SP3 : python (EulerOS-SA-2019-2019) NASL family SuSE Local Security Checks NASL id SUSE_SU-2020-0114-1.NASL description This update for python3 to version 3.6.10 fixes the following issues : CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk() (bsc#1083507). CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ (bsc#1149955). CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat (bsc#1149429). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 133036 published 2020-01-17 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133036 title SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2020:0114-1) (BEAST) (httpoxy) NASL family Fedora Local Security Checks NASL id FEDORA_2018-B6DE5FC905.NASL description Security fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2018-10-22 plugin id 118241 published 2018-10-22 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118241 title Fedora 27 : python2 (2018-b6de5fc905) NASL family SuSE Local Security Checks NASL id OPENSUSE-2020-86.NASL description This update for python3 to version 3.6.10 fixes the following issues : - CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk() (bsc#1083507). - CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ (bsc#1149955). - CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat (bsc#1149429). This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 133172 published 2020-01-22 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/133172 title openSUSE Security Update : python3 (openSUSE-2020-86) (BEAST) (httpoxy) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-2053-1.NASL description This update for python3 fixes the following issues : CVE-2019-10160: Fixed a regression in urlparse() and urlsplit() introduced by the fix for CVE-2019-9636 (bsc#1138459). CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document (bsc#1109847). CVE-2018-1000802: Fixed a command injection in the shutil module (bsc#1109663). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 127768 published 2019-08-12 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127768 title SUSE SLED12 / SLES12 Security Update : python3 (SUSE-SU-2019:2053-1) NASL family Fedora Local Security Checks NASL id FEDORA_2018-7689556AB2.NASL description Security fix for CVE-2018-14647 (#1631822) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2019-01-03 plugin id 120539 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120539 title Fedora 28 : python35 (2018-7689556ab2) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-2053-2.NASL description This update for python3 fixes the following issues : CVE-2019-10160: Fixed a regression in urlparse() and urlsplit() introduced by the fix for CVE-2019-9636 (bsc#1138459). CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document (bsc#1109847). CVE-2018-1000802: Fixed a command injection in the shutil module (bsc#1109663). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 128019 published 2019-08-20 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128019 title SUSE SLES12 Security Update : python3 (SUSE-SU-2019:2053-2) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1462.NASL description The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1462 advisory. - python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) - python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) - python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) - python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-23 modified 2020-04-14 plugin id 135459 published 2020-04-14 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135459 title RHEL 7 : python (RHSA-2020:1462) NASL family Fedora Local Security Checks NASL id FEDORA_2018-A2C1453607.NASL description Security fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2018-10-26 plugin id 118410 published 2018-10-26 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118410 title Fedora 27 : python35 (2018-a2c1453607) NASL family Fedora Local Security Checks NASL id FEDORA_2018-28EA2290AD.NASL description Security fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2018-11-13 plugin id 118896 published 2018-11-13 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118896 title Fedora 27 : python33 (2018-28ea2290ad) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2019-1_0-0203_PYTHON2.NASL description An update of the python2 package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 122018 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122018 title Photon OS 1.0: Python2 PHSA-2019-1.0-0203 NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4307.NASL description Multiple security issues were discovered in Python: ElementTree failed to initialise Expat last seen 2020-06-01 modified 2020-06-02 plugin id 117838 published 2018-10-01 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117838 title Debian DSA-4307-1 : python3.5 - security update NASL family Fedora Local Security Checks NASL id FEDORA_2018-49D6E4BC3F.NASL description Update to 3.7.1 ---- Security fix for CVE-2018-14647 (#1631822) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2019-01-03 plugin id 120395 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120395 title Fedora 28 : python37 (2018-49d6e4bc3f) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2020-1268.NASL description The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1268 advisory. - python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib (CVE-2018-1060) - python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib (CVE-2018-1061) - python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) - python: CRLF injection via the query part of the url passed to urlopen() (CVE-2019-9740) - python: CRLF injection via the path part of the url passed to urlopen() (CVE-2019-9947) - python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms (CVE-2019-9948) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-23 modified 2020-04-01 plugin id 135089 published 2020-04-01 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135089 title RHEL 7 : python (RHSA-2020:1268) NASL family Fedora Local Security Checks NASL id FEDORA_2018-14526CBEBE.NASL description Security fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2018-10-26 plugin id 118409 published 2018-10-26 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118409 title Fedora 27 : python26 (2018-14526cbebe) NASL family Fedora Local Security Checks NASL id FEDORA_2018-9860917DB0.NASL description Update to 3.7.1, Security fix for CVE-2018-14647 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2019-01-03 plugin id 120640 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120640 title Fedora 29 : python3 (2018-9860917db0) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0187_PYTHON.NASL description The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python packages installed that are affected by multiple vulnerabilities: - Python last seen 2020-06-01 modified 2020-06-02 plugin id 129884 published 2019-10-15 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/129884 title NewStart CGSL CORE 5.04 / MAIN 5.04 : python Multiple Vulnerabilities (NS-SA-2019-0187)
Redhat
| advisories |
| ||||||||||||
| rpms |
|
References
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14647
- https://bugs.python.org/issue34623
- http://www.securityfocus.com/bid/105396
- https://www.debian.org/security/2018/dsa-4306
- https://www.debian.org/security/2018/dsa-4307
- http://www.securitytracker.com/id/1041740
- https://usn.ubuntu.com/3817-1/
- https://usn.ubuntu.com/3817-2/
- https://access.redhat.com/errata/RHSA-2019:1260
- https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html
- https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html
- https://access.redhat.com/errata/RHSA-2019:2030
- https://access.redhat.com/errata/RHSA-2019:3725
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RBJCB2HWOJLP3L7CUQHJHNBHLSVOXJE5/
- https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E