Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2014:1006-1)
Summary:The remote host is missing an update for the 'Python' package(s) announced via the SUSE-SU-2014:1006-1 advisory.
The remote host is missing an update for the 'Python' package(s) announced via the SUSE-SU-2014:1006-1 advisory.

Vulnerability Insight:
Python has been updated to version 2.6.9, which brings many fixes for bugs and security issues:

* SSL Root Certificate validation is now enabled by default.
* Fixed a overflow in socket.recvfrom_into where incorrect python
programs could have been exploited remotely via a buffer overrun.
* Multiple unbound readline() DoS flaws in python stdlib have been
fixed. (CVE-2013-1752)
* Handling of embedded 0 in SSL certificate fields has been fixed.
* CGIHTTPServer file disclosure and directory traversal through
URL-encoded characters has been fixed. (CVE-2014-4650)

Additionally, the following non-security issues have been fixed:

* Turn off OpenSSL's aggressive optimizations that conflict with
Python's GC. (bnc#859068)
* Fix usage of MD5 in hmac module when the cipher is not available in
FIPS mode. (bnc#847135)
* Update 'urlparse' module to correctly parse IPv6 addresses.
* Correctly enable IPv6 support.

Security Issues:

* CVE-2013-4238
* CVE-2014-1912
* CVE-2013-1752
* CVE-2014-4650

Affected Software/OS:
'Python' package(s) on SUSE Linux Enterprise Server 11 SP2, SUSE Linux Enterprise Server 11 SP1

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-1752
Common Vulnerability Exposure (CVE) ID: CVE-2013-4238
Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search)
Debian Security Information: DSA-2880 (Google Search)
RedHat Security Advisories: RHSA-2013:1582
SuSE Security Announcement: openSUSE-SU-2013:1437 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:1438 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:1439 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:1440 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:1462 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:1463 (Google Search)
SuSE Security Announcement: openSUSE-SU-2020:0086 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2014-1912
BugTraq ID: 65379
RedHat Security Advisories: RHSA-2015:1064
RedHat Security Advisories: RHSA-2015:1330
SuSE Security Announcement: openSUSE-SU-2014:0518 (Google Search)
SuSE Security Announcement: openSUSE-SU-2014:0597 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2014-4650
RedHat Security Advisories: Red Hat
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.