Summary
The host has Python installed and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service condition.
Impact Level: Application
Solution
A fix is available in the SVN repository:
http://svn.python.org
Insight
The flaws exist due to integer overflows in:
- the hashlib module, which can lead to unreliable cryptographic digest results.
- the processing of unicode strings.
- the PyOS_vsnprintf() function on architectures that do not have a vsnprintf() function.
- the PyOS_vsnprintf() function when passing zero-length strings, which can lead to memory corruption.
Affected
Python 2.5.2 and prior on Linux (All).
References
Updated on 2015-03-25
Severity
Classification
CVE: CVE-2008-2315, CVE-2008-2316, CVE-2008-3142, CVE-2008-3143, CVE-2008-3144
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P