Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200807-16 (python)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.61391

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200807-16 (python)

Resumen: The remote host is missing updates announced in;advisory GLSA 200807-16.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200807-16.

Vulnerability Insight:
Multiple vulnerabilities in Python may allow for the execution of arbitrary
code.

Solution:
All Python 2.4 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-lang/python-2.4.4-r14'

All Python 2.5 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=dev-lang/python-2.5.2-r6'

Please note that Python 2.3 is masked since June 24, and we will not be
releasing updates to it. It will be removed from the tree in the near
future.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-2315
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
BugTraq ID: 30491
http://www.securityfocus.com/bid/30491
Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search)
http://www.securityfocus.com/archive/1/507985/100/0/threaded
Debian Security Information: DSA-1667 (Google Search)
http://www.debian.org/security/2008/dsa-1667
http://security.gentoo.org/glsa/glsa-200807-16.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:163
http://www.mandriva.com/security/advisories?name=MDVSA-2008:164
http://www.openwall.com/lists/oss-security/2008/11/05/2
http://www.openwall.com/lists/oss-security/2008/11/05/3
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8445
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8683
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9761
http://secunia.com/advisories/31305
http://secunia.com/advisories/31332
http://secunia.com/advisories/31358
http://secunia.com/advisories/31365
http://secunia.com/advisories/31518
http://secunia.com/advisories/31687
http://secunia.com/advisories/32793
http://secunia.com/advisories/33937
http://secunia.com/advisories/37471
http://secunia.com/advisories/38675
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.525289
SuSE Security Announcement: SUSE-SR:2008:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
http://www.ubuntu.com/usn/usn-632-1
http://www.vupen.com/english/advisories/2008/2288
http://www.vupen.com/english/advisories/2009/3316
XForce ISS Database: python-modules-bo(44172)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44172
XForce ISS Database: python-multiple-bo(44173)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44173
Common Vulnerability Exposure (CVE) ID: CVE-2008-2316
Bugtraq: 20080813 rPSA-2008-0243-1 idle python (Google Search)
http://www.securityfocus.com/archive/1/495445/100/0/threaded
http://secunia.com/advisories/31473
XForce ISS Database: python-hashlib-overflow(44174)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44174
Common Vulnerability Exposure (CVE) ID: CVE-2008-3142
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11466
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8422
XForce ISS Database: python-unicode-bo(44170)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44170
Common Vulnerability Exposure (CVE) ID: CVE-2008-3143
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7720
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8996
Common Vulnerability Exposure (CVE) ID: CVE-2008-3144
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10170
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7725
XForce ISS Database: python-pyosvsnprintf-bo(44171)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44171

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.61391
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200807-16 (python)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200807-16.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200807-16. Vulnerability Insight: Multiple vulnerabilities in Python may allow for the execution of arbitrary code. Solution: All Python 2.4 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/python-2.4.4-r14' All Python 2.5 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/python-2.5.2-r6' Please note that Python 2.3 is masked since June 24, and we will not be releasing updates to it. It will be removed from the tree in the near future. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-2315 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html BugTraq ID: 30491 http://www.securityfocus.com/bid/30491 Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search) http://www.securityfocus.com/archive/1/507985/100/0/threaded Debian Security Information: DSA-1667 (Google Search) http://www.debian.org/security/2008/dsa-1667 http://security.gentoo.org/glsa/glsa-200807-16.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:163 http://www.mandriva.com/security/advisories?name=MDVSA-2008:164 http://www.openwall.com/lists/oss-security/2008/11/05/2 http://www.openwall.com/lists/oss-security/2008/11/05/3 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8445 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8683 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9761 http://secunia.com/advisories/31305 http://secunia.com/advisories/31332 http://secunia.com/advisories/31358 http://secunia.com/advisories/31365 http://secunia.com/advisories/31518 http://secunia.com/advisories/31687 http://secunia.com/advisories/32793 http://secunia.com/advisories/33937 http://secunia.com/advisories/37471 http://secunia.com/advisories/38675 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.525289 SuSE Security Announcement: SUSE-SR:2008:017 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://www.ubuntu.com/usn/usn-632-1 http://www.vupen.com/english/advisories/2008/2288 http://www.vupen.com/english/advisories/2009/3316 XForce ISS Database: python-modules-bo(44172) https://exchange.xforce.ibmcloud.com/vulnerabilities/44172 XForce ISS Database: python-multiple-bo(44173) https://exchange.xforce.ibmcloud.com/vulnerabilities/44173 Common Vulnerability Exposure (CVE) ID: CVE-2008-2316 Bugtraq: 20080813 rPSA-2008-0243-1 idle python (Google Search) http://www.securityfocus.com/archive/1/495445/100/0/threaded http://secunia.com/advisories/31473 XForce ISS Database: python-hashlib-overflow(44174) https://exchange.xforce.ibmcloud.com/vulnerabilities/44174 Common Vulnerability Exposure (CVE) ID: CVE-2008-3142 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11466 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8422 XForce ISS Database: python-unicode-bo(44170) https://exchange.xforce.ibmcloud.com/vulnerabilities/44170 Common Vulnerability Exposure (CVE) ID: CVE-2008-3143 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7720 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8996 Common Vulnerability Exposure (CVE) ID: CVE-2008-3144 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10170 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7725 XForce ISS Database: python-pyosvsnprintf-bo(44171) https://exchange.xforce.ibmcloud.com/vulnerabilities/44171
Copyright	Copyright (C) 2008 E-Soft Inc.