exploit the possibilities
Showing 1 - 11 of 11 RSS Feed

CVE-2018-1061

Status Candidate

Overview

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.

Related Files

Red Hat Security Advisory 2020-1346-01
Posted Apr 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1346-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.

tags | advisory, python, bypass
systems | linux, redhat
advisories | CVE-2018-1060, CVE-2018-1061, CVE-2018-14647, CVE-2019-9740, CVE-2019-9947, CVE-2019-9948
MD5 | 1a4827e0256686b5e054938cbaf866b6
Red Hat Security Advisory 2020-1268-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1268-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.

tags | advisory, python, bypass
systems | linux, redhat
advisories | CVE-2018-1060, CVE-2018-1061, CVE-2018-14647, CVE-2019-9740, CVE-2019-9947, CVE-2019-9948
MD5 | 8584dc9f76afaf292c981e9b7937fe77
Red Hat Security Advisory 2019-3725-01
Posted Nov 6, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3725-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a null pointer vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2018-1060, CVE-2018-1061, CVE-2018-14647, CVE-2018-20406, CVE-2018-20852, CVE-2019-16056, CVE-2019-5010, CVE-2019-9740, CVE-2019-9947
MD5 | b5e37081012fffa8383f809e744723b1
Red Hat Security Advisory 2019-1260-01
Posted May 22, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1260-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include an information leakage vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2016-10745, CVE-2018-1060, CVE-2018-1061, CVE-2018-14647, CVE-2019-9740, CVE-2019-9947
MD5 | 8789913b6285d14129e87758b445c5a2
Ubuntu Security Notice USN-3817-2
Posted Nov 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3817-2 - USN-3817-1 fixed a vulnerability in Python. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that Python incorrectly handled large amounts of data. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2018-1000030, CVE-2018-1000802, CVE-2018-1061, CVE-2018-14647
MD5 | e399e890f8bd1e86e7456e03b8a0fe3d
Red Hat Security Advisory 2018-3505-01
Posted Nov 6, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3505-01 - Red Hat Ansible Tower 3.3.1 is now available and contains a large amount of security fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-9262, CVE-2016-9396, CVE-2017-1000050, CVE-2017-18267, CVE-2017-3735, CVE-2018-0495, CVE-2018-0732, CVE-2018-0737, CVE-2018-0739, CVE-2018-1000805, CVE-2018-1060, CVE-2018-1061, CVE-2018-10733, CVE-2018-10767, CVE-2018-10768, CVE-2018-10844, CVE-2018-10845, CVE-2018-10846, CVE-2018-12384, CVE-2018-12910, CVE-2018-13988, CVE-2018-14679, CVE-2018-14680, CVE-2018-14681, CVE-2018-14682, CVE-2018-16837, CVE-2018-17456
MD5 | b7af30db27ef5f7b266ad41827d5a000
Red Hat Security Advisory 2018-3041-01
Posted Oct 30, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3041-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include backtracking problems.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2018-1060, CVE-2018-1061
MD5 | b4131f12bea865ea2edf46fc45323b88
Debian Security Advisory 4307-1
Posted Sep 30, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4307-1 - to initialize Expat's hash salt, two denial of service issues were found in difflib and poplib and a buffer overflow in PyString_DecodeEscape.

tags | advisory, denial of service, overflow
systems | linux, debian
advisories | CVE-2017-1000158, CVE-2018-1060, CVE-2018-1061, CVE-2018-14647
MD5 | acf1f4f8778776ac275f78fc6fabea12
Debian Security Advisory 4306-1
Posted Sep 28, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4306-1 - Multiple security issues were discovered in Python: ElementTree failed to initialize Expat's hash salt, two denial of service issues were found in difflib and poplib and the shutil module was affected by a command injection vulnerability.

tags | advisory, denial of service, python
systems | linux, debian
advisories | CVE-2018-1000802, CVE-2018-1060, CVE-2018-1061, CVE-2018-14647
MD5 | 59ac7d08f42ae08ee8581f5c3f9f8e4e
Rockwell Automation RSLinx Classic / FactoryTalk Linx Gateway Privilege Escalation
Posted Jun 13, 2018
Authored by LiquidWorm | Site zeroscience.mk

Rockwell Automation RSLinx Classic and FactoryTalk Linx Gateway suffer from a privilege escalation vulnerability. Rockwell Automation RSLinx Classic versions 3.90.01, 3.73.00, 3.72.00, and 2.58.00 are susceptible. Rockwell Automation FactoryTalk Linx Gateway version 3.90.00 is susceptible.

tags | exploit
advisories | CVE-2018-10619
MD5 | 59c9bf7a610c8becf0674a228bcebf7b
Slackware Security Advisory - python Updates
Posted May 5, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory, python
systems | linux, slackware
advisories | CVE-2012-0876, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300, CVE-2016-9063, CVE-2017-9233, CVE-2018-1060, CVE-2018-1061
MD5 | 4830becfccec59ec7d1e08315d914061
Page 1 of 1
Back1Next

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    12 Files
  • 4
    Jul 4th
    1 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    25 Files
  • 7
    Jul 7th
    35 Files
  • 8
    Jul 8th
    4 Files
  • 9
    Jul 9th
    9 Files
  • 10
    Jul 10th
    7 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close