|Category:||Ubuntu Local Security Checks|
|Title:||Ubuntu Update for python2.7 USN-3817-1|
|Summary:||The remote host is missing an update for the 'python2.7'; package(s) announced via the USN-3817-1 advisory.|
The remote host is missing an update for the 'python2.7'
package(s) announced via the USN-3817-1 advisory.
It was discovered that Python incorrectly handled large amounts of data. A
remote attacker could use this issue to cause Python to crash, resulting in
a denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-1000030)
It was discovered that Python incorrectly handled running external commands
in the shutil module. A remote attacker could use this issue to cause
Python to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2018-1000802)
It was discovered that Python incorrectly used regular expressions
vulnerable to catastrophic backtracking. A remote attacker could possibly
use this issue to cause a denial of service. This issue only affected
Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-1060, CVE-2018-1061)
It was discovered that Python failed to initialize Expat's hash salt. A
remote attacker could possibly use this issue to cause hash collisions,
leading to a denial of service. (CVE-2018-14647)
python2.7 on Ubuntu 18.04 LTS,
Ubuntu 16.04 LTS,
Ubuntu 14.04 LTS.
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2018-1060|
Debian Security Information: DSA-4306 (Google Search)
Debian Security Information: DSA-4307 (Google Search)
RedHat Security Advisories: RHBA-2019:0327
RedHat Security Advisories: RHSA-2018:3041
RedHat Security Advisories: RHSA-2018:3505
Common Vulnerability Exposure (CVE) ID: CVE-2018-1061
|Copyright||Copyright (C) 2018 Greenbone Networks GmbH|
|This is only one of 73533 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.