Test ID:	1.3.6.1.4.1.25623.1.0.58378
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDKSA-2007:099 (python)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to python announced via advisory MDKSA-2007:099. An off-by-one error was discovered in the PyLocale_strxfrm function in Python 2.4 and 2.5 that could allow context-dependent attackers the ability to read portions of memory via special manipulations that trigger a buffer over-read due to missing null termination. The updated packages have been patched to correct this issue. Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2007:099 Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-2052 BugTraq ID: 23887 http://www.securityfocus.com/bid/23887 Bugtraq: 20070521 FLEA-2007-0019-1: python (Google Search) http://www.securityfocus.com/archive/1/469294/30/6450/threaded Bugtraq: 20080221 VMSA-2008-0003 Moderate: Updated aacraid driver and samba and python service console updates (Google Search) http://www.securityfocus.com/archive/1/488457/100/0/threaded Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search) http://www.securityfocus.com/archive/1/507985/100/0/threaded Debian Security Information: DSA-1551 (Google Search) http://www.debian.org/security/2008/dsa-1551 Debian Security Information: DSA-1620 (Google Search) http://www.debian.org/security/2008/dsa-1620 http://www.mandriva.com/security/advisories?name=MDKSA-2007:099 http://lists.vmware.com/pipermail/security-announce/2008/000005.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11716 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8353 http://www.redhat.com/support/errata/RHSA-2007-1076.html http://www.redhat.com/support/errata/RHSA-2007-1077.html http://www.redhat.com/support/errata/RHSA-2008-0629.html http://secunia.com/advisories/25190 http://secunia.com/advisories/25217 http://secunia.com/advisories/25233 http://secunia.com/advisories/25353 http://secunia.com/advisories/25787 http://secunia.com/advisories/28027 http://secunia.com/advisories/28050 http://secunia.com/advisories/29032 http://secunia.com/advisories/29303 http://secunia.com/advisories/29889 http://secunia.com/advisories/31255 http://secunia.com/advisories/31492 http://secunia.com/advisories/37471 SuSE Security Announcement: SUSE-SR:2007:013 (Google Search) http://www.novell.com/linux/security/advisories/2007_13_sr.html http://www.trustix.org/errata/2007/0019/ http://www.ubuntu.com/usn/usn-585-1 http://www.vupen.com/english/advisories/2007/1465 http://www.vupen.com/english/advisories/2008/0637 http://www.vupen.com/english/advisories/2009/3316 XForce ISS Database: python-localemodule-information-disclosure(34060) https://exchange.xforce.ibmcloud.com/vulnerabilities/34060
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.