Lucene search
DebianDEBIAN:DLA-25-1:0FCA7HistoryJul 31, 2014 - 9:07 p.m.
[DLA 25-1] python2.6 security update
2014-07-3121:07:32
lists.debian.org
16
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.2 High
AI Score
Confidence
Low
0.53 Medium
EPSS
Percentile
97.6%
Package : python2.6
Version : 2.6.6-8+deb6u1
CVE ID : CVE-2011-1015 CVE-2011-1521 CVE-2011-4940 CVE-2011-4944
CVE-2012-0845 CVE-2012-1150 CVE-2013-4238 CVE-2014-1912
Multiple vulnerabilities were discovered in python2.6. The more
relevant are:
CVE-2013-4238
Incorrect handling of NUL bytes in certificate hostnames may allow
server spoofing via specially-crafted certificates signed by
a trusted Certification Authority.
CVE-2014-1912
Buffer overflow in socket.recvfrom_into leading to application
crash and possibly code execution.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 6 | i386 | libpython2.6 | < 2.6.6-8+deb6u1 | libpython2.6_2.6.6-8+deb6u1_i386.deb |
| Debian | 6 | i386 | python2.6-dev | < 2.6.6-8+deb6u1 | python2.6-dev_2.6.6-8+deb6u1_i386.deb |
| Debian | 6 | i386 | python2.6 | < 2.6.6-8+deb6u1 | python2.6_2.6.6-8+deb6u1_i386.deb |
| Debian | 6 | all | idle-python2.6 | < 2.6.6-8+deb6u1 | idle-python2.6_2.6.6-8+deb6u1_all.deb |
| Debian | 6 | i386 | python2.6-dbg | < 2.6.6-8+deb6u1 | python2.6-dbg_2.6.6-8+deb6u1_i386.deb |
| Debian | 6 | amd64 | python2.6-minimal | < 2.6.6-8+deb6u1 | python2.6-minimal_2.6.6-8+deb6u1_amd64.deb |
| Debian | 6 | i386 | python2.6-minimal | < 2.6.6-8+deb6u1 | python2.6-minimal_2.6.6-8+deb6u1_i386.deb |
| Debian | 6 | amd64 | libpython2.6 | < 2.6.6-8+deb6u1 | libpython2.6_2.6.6-8+deb6u1_amd64.deb |
| Debian | 6 | amd64 | python2.6-dbg | < 2.6.6-8+deb6u1 | python2.6-dbg_2.6.6-8+deb6u1_amd64.deb |
| Debian | 6 | all | python2.6-doc | < 2.6.6-8+deb6u1 | python2.6-doc_2.6.6-8+deb6u1_all.deb |
Related
openvas
openvas
Debian: Security Advisory (DLA-25-1)
2023-03-08 00:00:00
Ubuntu Update for python2.7 USN-1592-1
2012-10-03 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:0642-1)
2021-06-09 00:00:00
osv
osv
python2.6 - security update
2014-07-31 00:00:00
python2.6 - regression update
2014-07-31 00:00:00
python2.6 - regression update
2014-07-31 00:00:00
nessus
nessus
f5
f5
ubuntu
ubuntu
Python 2.7 vulnerabilities
2012-10-02 00:00:00
Python 2.6 vulnerabilities
2012-10-04 00:00:00
Python 3.2 vulnerabilities
2012-10-23 00:00:00
redhat
redhat
(RHSA-2012:0744) Moderate: python security update
2012-06-18 00:00:00
(RHSA-2012:0745) Moderate: python security update
2012-06-18 00:00:00
(RHSA-2011:0554) Moderate: python security, bug fix, and enhancement update
2011-05-19 00:00:00
centos
centos
python, tkinter security update
2012-06-18 16:35:36
python, tkinter security update
2012-06-18 13:11:45
python, tkinter security update
2011-05-05 20:50:48
amazon
amazon
Low: python26
2012-07-05 16:16:00
Medium: python27
2014-02-26 14:28:00
Medium: python26
2014-02-26 14:28:00
veracode
veracode
Information Disclosure
2019-05-02 04:41:53
Denial Of Service (DoS)
2019-05-02 04:41:53
Cross-site Scripting (XSS)
2019-01-15 08:52:09
oraclelinux
oraclelinux
python security update
2012-06-18 00:00:00
python security update
2012-06-18 00:00:00
python security update
2011-05-05 00:00:00
securityvulns
securityvulns
python multiple security vulnerabilities
2012-07-29 00:00:00
[ MDVSA-2012:096-1 ] python
2012-07-09 00:00:00
python security vulnerabilities
2011-05-25 00:00:00
ibm
ibm
debian
debian
[SECURITY] [DSA 2880-1] python2.7 security update
2014-03-17 18:07:37
fedora
fedora
[SECURITY] Fedora 15 Update: python3-3.2.3-1.fc15
2012-05-03 07:28:39
[SECURITY] Fedora 17 Update: python-2.7.3-3.fc17
2012-05-02 04:50:10
[SECURITY] Fedora 16 Update: python-2.7.3-1.fc16
2012-05-06 01:26:43
prion
prion
Cross site scripting
2012-06-27 10:18:00
Race condition
2012-08-27 23:55:00
Buffer overflow
2014-03-01 00:55:00
debiancve
debiancve
cve
cve
seebug
seebug
python 'distutils' Component '~/.pypirc'本地竞争条件漏洞
2012-03-29 00:00:00
Python SimpleHTTPServer 'list_directory()'函数跨站脚本漏洞
2012-06-23 00:00:00
Python "sock_recvfrom_into()" 缓冲区溢出漏洞
2014-02-25 00:00:00
cvelist
cvelist
jvn
jvn
JVN#51176027: Python SimpleHTTPServer vulnerable to cross-site scripting
2012-06-19 00:00:00
nvd
nvd
ubuntucve
ubuntucve
gentoo
gentoo
Python: Multiple vulnerabilities
2014-01-06 00:00:00
vmware
vmware
VMware security updates for vSphere API and ESX Service Console
2012-11-15 00:00:00
zdt
zdt
Python socket.recvfrom_into() remote buffer overflow exploit
2014-02-23 00:00:00
exploitpack
exploitpack
Python - socket.recvfrom_into() Remote Buffer Overflow
2014-02-24 00:00:00
freebsd
freebsd
Python -- buffer overflow in socket.recvfrom_into()
2014-01-14 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.2 High
AI Score
Confidence
Low
0.53 Medium
EPSS
Percentile
97.6%
Related for DEBIAN:DLA-25-1:0FCA7