Lucene search
Copyright (C) 2008 E-Soft Inc.OPENVAS:136141256231053156HistoryJan 17, 2008 - 12:00 a.m.
Debian Security Advisory DSA 458-1 (python2.2)
2008-01-1700:00:00
Copyright (C) 2008 E-Soft Inc.
plugins.openvas.org
7
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.6
Confidence
Low
EPSS
0.068
Percentile
93.9%
The remote host is missing an update to python2.2 announced via advisory DSA 458-1.
This VT has been merged into the VT
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.53156");
script_version("2023-06-29T08:15:14+0000");
script_tag(name:"last_modification", value:"2023-06-29 08:15:14 +0000 (Thu, 29 Jun 2023)");
script_tag(name:"creation_date", value:"2008-01-17 22:41:51 +0100 (Thu, 17 Jan 2008)");
script_cve_id("CVE-2004-0150");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_name("Debian Security Advisory DSA 458-1 (python2.2)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("Debian Local Security Checks");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20458-1");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/9836");
script_tag(name:"insight", value:"Sebastian Schmidt discovered a buffer overflow bug in Python's
getaddrinfo function, which could allow an IPv6 address, supplied by a
remote attacker via DNS, to overwrite memory on the stack.
This bug only exists in python 2.2 and 2.2.1, and only when IPv6
support is disabled. The python2.2 package in Debian woody meets
these conditions (the 'python' package does not).
For the stable distribution (woody), this bug has been fixed in
version 2.2.1-4.3.
The unstable distribution (sid) is not affected by this bug.
We recommend that you update your python2.2 package.");
script_tag(name:"summary", value:"The remote host is missing an update to python2.2 announced via advisory DSA 458-1.
This VT has been merged into the VT 'Debian: Security Advisory (DSA-458)' (OID: 1.3.6.1.4.1.25623.1.0.53709).");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"deprecated", value:TRUE);
exit(0);
}
exit(66);Related
cve
cve
CVE-2004-0150
2004-09-01 04:00:00
securityvulns
securityvulns
nessus
nessus
Debian DSA-458-3 : python2.2 - buffer overflow
2004-09-29 00:00:00
GLSA-200409-03 : Python 2.2: Buffer overflow in getaddrinfo()
2004-09-03 00:00:00
Mandrake Linux Security Advisory : python (MDKSA-2004:019)
2004-07-31 00:00:00
debian
debian
cvelist
cvelist
CVE-2004-0150
2004-09-01 04:00:00
nvd
nvd
CVE-2004-0150
2004-04-15 04:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200409-03 (Python)
2008-09-24 00:00:00
Debian Security Advisory DSA 458-2 (python2.2)
2008-01-17 00:00:00
Debian Security Advisory DSA 458-2 (python2.2)
2008-01-17 00:00:00
gentoo
gentoo
Python 2.2: Buffer overflow in getaddrinfo()
2004-09-02 00:00:00
osv
osv
python2.2 - buffer overflow
2004-10-10 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.6
Confidence
Low
EPSS
0.068
Percentile
93.9%
Related for OPENVAS:136141256231053156