Detections
Analytics
Mandriva Linux Security Advisory : python (MDVSA-2009:003)
critical Nessus Plugin ID 36693
Synopsis
The remote Mandriva Linux host is missing one or more security updates.Description
Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679. (CVE-2008-4864)Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. NOTE: this vulnerability reportedly exists because of an incomplete fix for CVE-2008-2315. (CVE-2008-5031)
The updated Python packages have been patched to correct these issues.
Solution
Update the affected packages.Plugin Details
Severity: Critical
ID: 36693
File Name: mandriva_MDVSA-2009-003.nasl
Version: 1.14
Type: local
Family: Mandriva Local Security Checks
Published: 4/23/2009
Updated: 1/6/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:mandriva:linux:lib64python2.5-devel, p-cpe:/a:mandriva:linux:lib64python2.5, p-cpe:/a:mandriva:linux:python, p-cpe:/a:mandriva:linux:python-docs, cpe:/o:mandriva:linux:2008.0, p-cpe:/a:mandriva:linux:python-base, p-cpe:/a:mandriva:linux:tkinter, p-cpe:/a:mandriva:linux:libpython2.5-devel, cpe:/o:mandriva:linux:2008.1, p-cpe:/a:mandriva:linux:tkinter-apps, p-cpe:/a:mandriva:linux:libpython2.5, cpe:/o:mandriva:linux:2009.0
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 1/9/2009
Reference Information
CVE: CVE-2008-4864, CVE-2008-5031
BID: 31976
CWE: 189
MDVSA: 2009:003