Vulnerabilità: CVE-2006-4980

Buffer overflow nella funzione repr in Python 2.3 a 2.6 prima 20.060.822 permette attaccanti dipendenti dal contesto di provocare una negazione del servizio ed eventualmente eseguire codice arbitrario tramite predisposti vasta caratteri UTF-32 / UCS-4 stringhe alcuni script.


http://www.securityfocus.com/bid/20376
http://www.securityfocus.com/archive/1/448244/100/100/threaded
http://www.securityfocus.com/archive/1/456546/100/200/threaded
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=391589
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=208162
http://kb.vmware.com/KanisaPlatform/Publishing/882/5120103_f.SAL_Public.html
http://sourceforge.net/tracker/index.php?func=detail&aid=1541585&group_id=5470&atid=305470
http://support.avaya.com/elmodocs2/security/ASA-2006-229.htm
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
http://zoehep.xent.com/~bsittler/python2.4-2.4.3_unicodeobject.c.diff
https://issues.rpath.com/browse/RPL-702
https://launchpad.net/distros/ubuntu/+source/python2.4/+bug/56633
http://www.debian.org/security/2006/dsa-1197
http://www.debian.org/security/2006/dsa-1198
http://security.gentoo.org/glsa/glsa-200610-07.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:181
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10789
http://www.redhat.com/support/errata/RHSA-2006-0713.html
http://www.redhat.com/support/errata/RHSA-2008-0629.html
http://securitytracker.com/id?1017019
http://secunia.com/advisories/22276
http://secunia.com/advisories/22297
http://secunia.com/advisories/22303
http://secunia.com/advisories/22357
http://secunia.com/advisories/22358
http://secunia.com/advisories/22379
http://secunia.com/advisories/22448
http://secunia.com/advisories/22487
http://secunia.com/advisories/22512
http://secunia.com/advisories/22531
http://secunia.com/advisories/22639
http://secunia.com/advisories/23680
http://secunia.com/advisories/31492
http://www.novell.com/linux/security/advisories/2006_25_sr.html
http://www.ubuntu.com/usn/usn-359-1
http://www.vupen.com/english/advisories/2006/3940
http://www.vupen.com/english/advisories/2006/5131
https://exchange.xforce.ibmcloud.com/vulnerabilities/29408
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980


E' possibile lasciare un commento come utenti registrati al sito, accedendo tramite social, account wordpress oppure come utenti anonimi. Nel caso in cui si desideri lasciare un commento come utenti anonimi si verrà avvisati via email di un'eventuale risposta solo se si inserisce l'indirizzo email (facoltativo). L'inserimento di qualsiasi dato nei campi dei commenti è totalmente facoltativo. Chiunque decida di inserire un qualsiasi dato accetta il trattamento di questi ultimi per i fini inerenti al servizio ovvero la risposta al commento e le comunicazioni strettamente necessarie.


Rispondi