|Category:||Mandrake Local Security Checks|
|Title:||Mandrake Security Advisory MDKSA-2006:181 (python)|
|Summary:||Mandrake Security Advisory MDKSA-2006:181 (python)|
The remote host is missing an update to python
announced via advisory MDKSA-2006:181.
A vulnerability in python's repr() function was discovered by Benjamin
C. Wiley Sittler. It was found that the function did not properly
handle UTF-32/UCS-4 strings, so an application that used repr() on
certin untrusted data could possibly be exploited to execute arbitrary
code with the privileges of the user running the python application.
Updated packages have been patched to correct this issue.
Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,
Multi Network Firewall 2.0
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
Risk factor : High
Common Vulnerability Exposure (CVE) ID: CVE-2006-4980|
Bugtraq: 20061011 rPSA-2006-0187-1 idle python (Google Search)
Bugtraq: 20070110 VMware ESX server security updates (Google Search)
Debian Security Information: DSA-1197 (Google Search)
Debian Security Information: DSA-1198 (Google Search)
SGI Security Advisory: 20061001-01-P
SuSE Security Announcement: SUSE-SR:2006:025 (Google Search)
BugTraq ID: 20376
XForce ISS Database: python-repr-bo(29408)
|Copyright||Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com|
|This is only one of 40605 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.