 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.870395 |
| Categoría: | Red Hat Local Security Checks |
| Título: | RedHat Update for python RHSA-2011:0260-01 |
| Resumen: | The remote host is missing an update for the 'python'; package(s) announced via the referenced advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'python' package(s) announced via the referenced advisory. Vulnerability Insight: Python is an interpreted, interactive, object-oriented programming language. Multiple flaws were found in the Python rgbimg module. If an application written in Python was using the rgbimg module and loaded a specially-crafted SGI image file, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2009-4134, CVE-2010-1449, CVE-2010-1450) This update also fixes the following bugs: * Python 2.3.4's time.strptime() function did not correctly handle the '%W' week number format string. This update backports the _strptime implementation from Python 2.3.6, fixing this issue. (BZ#436001) * Python 2.3.4's socket.htons() function returned partially-uninitialized data on IBM System z, generally leading to incorrect results. (BZ#513341) * Python 2.3.4's pwd.getpwuid() and grp.getgrgid() functions did not support the full range of user and group IDs on 64-bit architectures, leading to 'OverflowError' exceptions for large input values. This update adds support for the full range of user and group IDs on 64-bit architectures. (BZ#497540) Users of Python should upgrade to these updated packages, which contain backported patches to correct these issues. Affected Software/OS: python on Red Hat Enterprise Linux AS version 4, Red Hat Enterprise Linux ES version 4, Red Hat Enterprise Linux WS version 4 Solution: Please Install the Updated Packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-4134 40361 http://www.securityfocus.com/bid/40361 42888 http://secunia.com/advisories/42888 43068 http://secunia.com/advisories/43068 43364 http://secunia.com/advisories/43364 ADV-2011-0122 http://www.vupen.com/english/advisories/2011/0122 ADV-2011-0212 http://www.vupen.com/english/advisories/2011/0212 ADV-2011-0413 http://www.vupen.com/english/advisories/2011/0413 APPLE-SA-2010-11-10-1 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html MDVSA-2010:215 http://www.mandriva.com/security/advisories?name=MDVSA-2010:215 RHSA-2011:0027 http://www.redhat.com/support/errata/RHSA-2011-0027.html RHSA-2011:0260 http://www.redhat.com/support/errata/RHSA-2011-0260.html SUSE-SR:2011:002 http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://bugs.python.org/issue8678 http://support.apple.com/kb/HT4435 https://bugzilla.redhat.com/show_bug.cgi?id=541698 Common Vulnerability Exposure (CVE) ID: CVE-2010-1449 40363 http://www.securityfocus.com/bid/40363 Common Vulnerability Exposure (CVE) ID: CVE-2010-1450 40365 http://www.securityfocus.com/bid/40365 |
| Copyright | Copyright (C) 2011 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |