Amazon Linux AMI : python27 (ALAS-2018-1108)

Medium Nessus Plugin ID 119467

Synopsis

The remote Amazon Linux AMI host is missing a security update.

Description

A flaw was found in the way catastrophic backtracking was implemented in python's pop3lib's apop() method. An attacker could use this flaw to cause denial of service.(CVE-2018-1060)

A flaw was found in the way catastrophic backtracking was implemented in python's difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.(CVE-2018-1061)

Solution

Run 'yum update python27' to update your system.

Amazon Linux AMI : python27 (ALAS-2018-1108)

Synopsis

Description

Solution

See Also

Plugin Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerability Information

Reference Information