ID de Prueba:	1.3.6.1.4.1.25623.1.0.123901
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2012-0744)
Resumen:	The remote host is missing an update for the 'python' package(s) announced via the ELSA-2012-0744 advisory.
Descripción:	Summary: The remote host is missing an update for the 'python' package(s) announced via the ELSA-2012-0744 advisory. Vulnerability Insight: [2.6.6-29.el6_2.2] - if hash randomization is enabled, also enable it within pyexpat Resolves: CVE-2012-0876 [2.6.6-29.el6_2.1] - distutils.config: create ~ /.pypirc securely Resolves: CVE-2011-4944 - fix endless loop in SimpleXMLRPCServer upon malformed POST request Resolves: CVE-2012-0845 - send encoding in SimpleHTTPServer.list_directory to protect IE7 against potential XSS attacks Resolves: CVE-2011-4940 - oCERT-2011-003: add -R command-line option and PYTHONHASHSEED environment variable, to provide an opt-in way to protect against denial of service attacks due to hash collisions within the dict and set types Resolves: CVE-2012-1150 Affected Software/OS: 'python' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4940 50858 http://secunia.com/advisories/50858 51024 http://secunia.com/advisories/51024 51040 http://secunia.com/advisories/51040 54083 http://www.securityfocus.com/bid/54083 JVN#51176027 http://jvn.jp/en/jp/JVN51176027/index.html JVNDB-2012-000063 http://jvndb.jvn.jp/jvndb/JVNDB-2012-000063 USN-1592-1 http://www.ubuntu.com/usn/USN-1592-1 USN-1596-1 http://www.ubuntu.com/usn/USN-1596-1 USN-1613-1 http://www.ubuntu.com/usn/USN-1613-1 USN-1613-2 http://www.ubuntu.com/usn/USN-1613-2 http://bugs.python.org/issue11442 https://bugzilla.redhat.com/show_bug.cgi?id=803500 Common Vulnerability Exposure (CVE) ID: CVE-2011-4944 51087 http://secunia.com/advisories/51087 51089 http://secunia.com/advisories/51089 APPLE-SA-2013-10-22-3 http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html USN-1615-1 http://www.ubuntu.com/usn/USN-1615-1 USN-1616-1 http://www.ubuntu.com/usn/USN-1616-1 [oss-security] 20120327 CVE request: distutils creates ~/.pypirc insecurely http://www.openwall.com/lists/oss-security/2012/03/27/2 [oss-security] 20120327 Re: CVE request: distutils creates ~/.pypirc insecurely http://www.openwall.com/lists/oss-security/2012/03/27/10 http://www.openwall.com/lists/oss-security/2012/03/27/5 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650555 http://bugs.python.org/file23824/pypirc-secure.diff http://bugs.python.org/issue13512 https://bugzilla.redhat.com/show_bug.cgi?id=758905 openSUSE-SU-2020:0086 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html Common Vulnerability Exposure (CVE) ID: CVE-2012-0845 http://www.openwall.com/lists/oss-security/2012/02/13/4 http://www.securitytracker.com/id?1026689 SuSE Security Announcement: openSUSE-SU-2020:0086 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2012-1150 [oss-security] 20120309 Re: CVE Request: Python Hash DoS (Issue 13703) http://www.openwall.com/lists/oss-security/2012/03/10/3 [python-dev] 20111229 Hash collision security issue (now public) http://mail.python.org/pipermail/python-dev/2011-December/115116.html [python-dev] 20120128 plugging the hash attack http://mail.python.org/pipermail/python-dev/2012-January/115892.html http://bugs.python.org/issue13703 http://python.org/download/releases/2.6.8/ http://python.org/download/releases/2.7.3/ http://python.org/download/releases/3.1.5/ http://python.org/download/releases/3.2.3/ https://bugzilla.redhat.com/show_bug.cgi?id=750555
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.