Gentoo Linux Security Advisory GLSA 200903-11 - A buffer overflow in PyCrypto might lead to the execution of arbitrary code when decrypting using ARC2. Mike Wiacek of the Google Security Team reported a buffer overflow in the ARC2 module when processing a large ARC2 key length. Versions less than 2.0.1-r8 are affected.
b48dbee97d58e7d9d714c39584306a242eaadaab6a4dbf64fc7783df14fab56bUbuntu Security Notice USN-729-1 - Mike Wiacek discovered that the ARC2 implementation in Python Crypto did not correctly check the key length. If a user or automated system were tricked into processing a malicious ARC2 stream, a remote attacker could execute arbitrary code or crash the application using Python Crypto, leading to a denial of service.
36546a44c4b9b05f4b704008fb59bbae4c28fc388c90a10ecf4b3f3eb77bfdd3Debian Security Advisory 1726-1 - Mike Wiacek discovered that a buffer overflow in the ARC2 implementation of Python Crypto, a collection of cryptographic algorithms and protocols for Python allows denial of service and potentially the execution of arbitrary code.
ba165e0a0e50093403abd4d48c8645ca1d66ff27f61ea2a6a3e92f78fb2caa4dMandriva Linux Security Advisory 2009-049-1 - A vulnerability have been discovered and corrected in PyCrypto ARC2 module 2.0.1, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length. The updated packages have been patched to prevent this. The previous update package was not signed.
b18c87b6823d40961d07979b10ab0567db6472ac2c3f2d3d3378d1cb70a26ca7Mandriva Linux Security Advisory 2009-050-1 - A vulnerability have been discovered and corrected in PyCrypto ARC2 module 2.0.1, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length. The updated packages have been patched to prevent this. The previous update package was not signed.
618fc4a1e35de59495086bd8ccfa8b6f0c0d92c24e82a3883519f85085df6a5cMandriva Linux Security Advisory 2009-050 - A vulnerability have been discovered and corrected in PyCrypto ARC2 module 2.0.1, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length. The updated packages have been patched to prevent this.
6c06bfb6b308dd847f9be2e8cc5aa0826c3ac3fee2147a6190402cf4a642a6bdMandriva Linux Security Advisory 2009-049 - A vulnerability have been discovered and corrected in PyCrypto ARC2 module 2.0.1, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length. The updated packages have been patched to prevent this.
3923acde3f1a836723a8881c22bc76c76cb69ad9e9dca5bb16749cc0b8cd3809
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed