Ubuntu 4.10 : python2.2, python2.3 vulnerability (USN-73-1)
High Nessus Plugin ID 20694
SynopsisThe remote Ubuntu host is missing one or more security-related patches.
DescriptionThe Python developers discovered a flaw in the SimpleXMLRPCServer module. Python XML-RPC servers that used the register_instance() method to register an object, but do not have a _dispatch() method, allowed remote users to access or change function internals using the im_* and func_* attributes.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected packages.