French Security Incident Response Team

FrSIRT   

      

   français French  anglais English

 
Vulnerability Notification Service
 FrSIRT Private Exploit & PoC Codes Service
 FrSIRT Partner Program
 14-Day Free Trial
Contact FrSIRT Sales Dept.
 

Security Advisories
Linux Security Advisories
Virus and Threats Advisories
Latest Security News
Latest Zero Day Threats
Security Vulnerabilities and Advisories Search Engine
 

Report a security incident
Report a new vulnerability
Security Mailinglist
 

Our Company
FrSIRT in the News
Advertise on FrSIRT.COM
Security Researchers and Exploit Writers Jobs
Contact Us

Fedora Security Update Fixes Python Integer Overflow Vulnerability

Title : Fedora Security Update Fixes Python Integer Overflow Vulnerability
Advisory ID : FrSIRT/ADV-2007-3654
CVE ID : CVE-2007-4965
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-10-30

Advisory Details
 
  Description
  Affected Products
  Solution
  References
Technical Description    Receive FrSIRT alerts in a Text format  Receive FrSIRT alerts in a PDF format  Receive FrSIRT alerts in an XML format  Receive FrSIRT notifications by SMS 

A vulnerability has been identified in Fedora, which could be exploited by attackers to execute arbitrary code [...]

Solution

Upgrade the affected packages :

19b48c55d1c81dde82c6ff5577ec8aeee741a004 python-devel-2.5-14.fc7.ppc64.rpm
e3780a0d8ee1f0831840e46d69ec4856b993e531 python-debuginfo-2.5-14.fc7.ppc64.rpm
4702d8d8b56a41f9a809d6513012eaff97053f5b tkinter-2.5-14.fc7.ppc64.rpm
d2912c0f1ec7049e2e12511c7df4bf3b0fbf1e62 python-tools-2.5-14.fc7.ppc64.rpm
d53809ea841182f22ee59e3e4fe1ca10e68a999c python-2.5-14.fc7.ppc64.rpm
88fb6c0c27a77ffe9d7d5f536a95a35d635ae12d python-libs-2.5-14.fc7.ppc64.rpm
787611a8a8654d34199a8c9e4dcc19daf63244b7 tkinter-2.5-14.fc7.i386.rpm
078edabdd4ef06d96ba129119aa07b692187813c python-debuginfo-2.5-14.fc7.i386.rpm
8b1e8a6356dc193022a21ba5edf49da5e5f324e1 python-2.5-14.fc7.i386.rpm
bc80242891a2ec1f2c5ee388c46fc7bb964c106d python-devel-2.5-14.fc7.i386.rpm
b79080fa4731b51d12f979a16900a45320314d5f python-libs-2.5-14.fc7.i386.rpm
7bd18c479ef53f84caf4d7ec947b4aaae9b86423 python-tools-2.5-14.fc7.i386.rpm
e616ee4bd058011a934aeb9f2b021fa7750985c9 tkinter-2.5-14.fc7.x86_64.rpm
bf6ed59b839c0479a56a23283983d68a057bc0bc python-2.5-14.fc7.x86_64.rpm
db37ad76506450cc64f05ae9eb1d8be81c139aaa python-debuginfo-2.5-14.fc7.x86_64.rpm
9c15efd777c73df234a28d4ac9d0a60a8ba486c9 python-devel-2.5-14.fc7.x86_64.rpm
77de8859ac4745449f54adef2e7c2b280130db82 python-libs-2.5-14.fc7.x86_64.rpm
79a0b699e4250eefbf926299bfb7eac79262f5c9 python-tools-2.5-14.fc7.x86_64.rpm
ff3650bb1385ca3e27368317ab03e1d52a03c372 python-libs-2.5-14.fc7.ppc.rpm
da2e84ae407934e1d510a6c5ea1a4105794182d8 python-2.5-14.fc7.ppc.rpm
e330edb0f1e6f9082564455112cc285d8c6b5ceb python-devel-2.5-14.fc7.ppc.rpm
f1a52deecfcaef1444352e68b55025a1414d0cae python-debuginfo-2.5-14.fc7.ppc.rpm
90fb955eac390e0fa49e51b9d29db4bdf2162833 python-tools-2.5-14.fc7.ppc.rpm
a25e11ffe4add7fad8b8a4bc4031a1521689f77b tkinter-2.5-14.fc7.ppc.rpm
d4d994f7acc67000375e0fa2f927a3eb0b6b1c80 python-2.5-14.fc7.src.rpm

ChangeLog

2007-10-30 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.
 
 

Search
      

Mailinglist
    
 

IBM AIX Sendmail Header Lines Denial of Service Vulnerability

IBM Metrica Multiple Parameter Cross Site Scripting Vulnerabilities

IBM Lotus Quickr Unspecified Cross Site Scripting Vulnerabilities

IBM Hardware Management Console Denial of Service Vulnerability

IBM Tivoli Storage Manager Client Buffer Overflow Vulnerability

IBM DB2 Denial of Service and Information Disclosure Vulnerabilities

IBM Lotus Quickr Denial of Service and Security Bypass Vulnerabilities

Sun Logical Domain Manager Local Privilege Escalation Vulnerability

Sun StarOffice/StarSuite EMF Handling Buffer Overflow Vulnerability

Sun Java Messaging Server Cross Site Scripting Vulnerability

Sun Solaris IP Filter NAT Service DNS Cache Poisoning Vulnerability

Sun Java System Identity Manager Security Bypass Vulnerabilities

Sun Solaris DHCP Buffer Overflow and Denial of Service

Sun Solstice X.25 "/dev/xty" Local Denial of Service Vulnerability

Apple Safari Code Execution and Security Bypass Vulnerabilities

Apple iLife and Aperture Image Handling Code Execution Vulnerabilities

Apple Mac OS X Code Execution and Security Bypass Vulnerabilities

Apple TV Multiple File Processing Code Execution Vulnerabilities

Apple Mac OS X Code Execution and Security Bypass Vulnerabilities

Apple iPhone Code Execution and Security Bypass Vulnerabilities

Apple QuickTime Multiple Remote Code Execution Vulnerabilities

Copyright 2003-2008 © FrSIRT.COM - Privacy Policy