[ MDVSA-2015:074 ] openldap
Monthly Archives: March 2015
Bugtraq: [ MDVSA-2015:075 ] python
[ MDVSA-2015:075 ] python
Bugtraq: [ MDVSA-2015:076 ] python3
[ MDVSA-2015:076 ] python3
Bugtraq: [ MDVSA-2015:077 ] python-numpy
[ MDVSA-2015:077 ] python-numpy
Slack Discloses Breach of Its User Profile Database, Implements 2FA
Collaboration providers Slack disclosed that a database storing its user profile information has been breached. The break-in has been stopped, and Slack announced that it has implemented two-factor authentication going forward.
WebGate WinRDS 2.0.8 StopSiteAllChannel Stack Overflow
WebGate WinRDS version 2.0.8 suffers from a StopSiteAllChannel stack overflow vulnerability.
[ MDVSA-2015:075 ] python
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2015:075 http://www.mandriva.com/en/support/security/ _______________________________________________________________________ Package : python Date : March 27, 2015 Affected: Business Server 2.0 _______________________________________________________________________ Problem Description: Updated python packages fix security vulnerabilities: A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code (CVE-2014-1912). This updates the python package to version 2.7.6, which fixes several other
Internet Download Manager 6.20 Local Buffer Overflow
Internet Download Manager version 6.20 suffers from a local buffer overflow vulnerability.
MDVSA-2015:077: python-numpy
Updated python-numpy packages fix security vulnerabilities:
f2py insecurely used a temporary file. A local attacker could use this
flaw to perform a symbolic link attack to modify an arbitrary file
accessible to the user running f2py (CVE-2014-1858, CVE-2014-1859).
MDVSA-2015:076: python3
Updated python3 packages fix security vulnerabilities:
ZipExtFile.read goes into 100% CPU infinite loop on maliciously binary
edited zips (CVE-2013-7338).
A vulnerability was reported in Python’s socket module, due to
a boundary error within the sock_recvfrom_into() function, which
could be exploited to cause a buffer overflow. This could be used
to crash a Python application that uses the socket.recvfrom_info()
function or, possibly, execute arbitrary code with the permissions
of the user running vulnerable Python code (CVE-2014-1912).
It was reported that a patch added to Python 3.2 caused a race
condition where a file created could be created with world read/write
permissions instead of the permissions dictated by the original umask
of the process. This could allow a local attacker that could win the
race to view and edit files created by a program using this call. Note
that prior versions of Python, including 2.x, do not include the
vulnerable _get_masked_mode() function that is used by os.makedirs()
when exist_ok is set to True (CVE-2014-2667).
Python are susceptible to arbitrary process memory reading by a user
or adversary due to a bug in the _json module caused by insufficient
bounds checking. The bug is caused by allowing the user to supply a
negative value that is used an an array index, causing the scanstring
function to access process memory outside of the string it is intended
to access (CVE-2014-4616).
The CGIHTTPServer Python module does not properly handle URL-encoded
path separators in URLs. This may enable attackers to disclose a CGI
script’s source code or execute arbitrary scripts in the server’s
document root (CVE-2014-4650).