Test ID:	1.3.6.1.4.1.25623.1.0.71045
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-1314-1 (python3.1-minimal)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to python3.1-minimal announced via advisory USN-1314-1. Details: Giampaolo Rodola discovered that the smtpd module in Python 3 did not properly handle certain error conditions. A remote attacker could exploit this to cause a denial of service via daemon outage. This issue only affected Ubuntu 10.04 LTS. (CVE-2010-3493) Niels Heinen discovered that the urllib module in Python 3 would process Location headers that specify a file:// URL. A remote attacker could use this to obtain sensitive information or cause a denial of service via resource consumption. (CVE-2011-1521) Solution: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: python3.1-minimal 3.1.3-1ubuntu1.1 python3.2-minimal 3.2-1ubuntu1.1 Ubuntu 10.10: python3.1-minimal 3.1.2+20100915-0ubuntu4.1 Ubuntu 10.04 LTS: python3.1-minimal 3.1.2-0ubuntu3.1 http://www.securityspace.com/smysecure/catid.html?in=USN-1314-1 CVSS Score: 6.4 CVSS Vector: AV:L/AC:L/Au:NR/C:P/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3493 BugTraq ID: 44533 http://www.securityfocus.com/bid/44533 http://www.mandriva.com/security/advisories?name=MDVSA-2010:215 http://www.mandriva.com/security/advisories?name=MDVSA-2010:216 http://bugs.python.org/issue6706 https://bugs.launchpad.net/zodb/+bug/135108 http://www.openwall.com/lists/oss-security/2010/09/09/6 http://www.openwall.com/lists/oss-security/2010/09/11/2 http://www.openwall.com/lists/oss-security/2010/09/22/3 http://www.openwall.com/lists/oss-security/2010/09/24/3 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12210 http://secunia.com/advisories/43068 http://secunia.com/advisories/50858 http://secunia.com/advisories/51024 http://secunia.com/advisories/51040 SuSE Security Announcement: SUSE-SR:2010:024 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://www.ubuntu.com/usn/USN-1596-1 http://www.ubuntu.com/usn/USN-1613-1 http://www.ubuntu.com/usn/USN-1613-2 http://www.vupen.com/english/advisories/2011/0212 Common Vulnerability Exposure (CVE) ID: CVE-2011-1521 http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:096 http://openwall.com/lists/oss-security/2011/03/24/5 http://openwall.com/lists/oss-security/2011/03/28/2 http://openwall.com/lists/oss-security/2011/09/11/1 http://openwall.com/lists/oss-security/2011/09/13/2 http://openwall.com/lists/oss-security/2011/09/15/5 http://securitytracker.com/id?1025488 SuSE Security Announcement: SUSE-SR:2011:009 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html http://www.ubuntu.com/usn/USN-1592-1
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.