CVE-2008-1721 - Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote atta

CVE-2008-1721

Summary

Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.

References

Vulnerable Configurations

cpe:2.3:a:python:python:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:python:python:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 05-07-2022 - 18:43)
Impact:
Exploitability:

CWE

CWE-681

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

oval via4

accepted

2010-03-01T04:00:16.164-05:00

class

vulnerability

contributors

name	Pai Peng
organization	Hewlett-Packard

definition_extensions

comment Solaris 10 (SPARC) is installed
oval oval:org.mitre.oval:def:1440
comment Solaris 10 (x86) is installed
oval oval:org.mitre.oval:def:1926

description

family

unix

oval:org.mitre.oval:def:8249

status

accepted

submitted

2010-01-19T17:52:34.000-05:00

title

Multiple Buffer and Integer Overflow Vulnerabilities in Python (python(1)) May Lead to a Denial of Service (DoS) or Allow Execution of Arbitrary Code

version

accepted

2014-01-20T04:01:39.657-05:00

class

vulnerability

contributors

name Pai Peng
organization Hewlett-Packard
name Chris Coffin
organization The MITRE Corporation

definition_extensions

comment VMWare ESX Server 3.0.3 is installed
oval oval:org.mitre.oval:def:6026
comment VMware ESX Server 3.5.0 is installed
oval oval:org.mitre.oval:def:5887
comment VMware ESX Server 4.0 is installed
oval oval:org.mitre.oval:def:6293

description

family

unix

oval:org.mitre.oval:def:8494

status

accepted

submitted

2010-03-19T16:57:59.000-04:00

title

VMware python zlib extension module vulnerability

version

accepted

2013-04-29T04:19:12.524-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 4
oval oval:org.mitre.oval:def:11831
comment CentOS Linux 4.x
oval oval:org.mitre.oval:def:16636
comment Oracle Linux 4.x
oval oval:org.mitre.oval:def:15990
comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

family

unix

oval:org.mitre.oval:def:9407

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

version

redhat via4

rpms

python-0:2.4.3-24.el5_3.6
python-debuginfo-0:2.4.3-24.el5_3.6
python-devel-0:2.4.3-24.el5_3.6
python-tools-0:2.4.3-24.el5_3.6
tkinter-0:2.4.3-24.el5_3.6
python-0:2.3.4-14.7.el4_8.2
python-debuginfo-0:2.3.4-14.7.el4_8.2
python-devel-0:2.3.4-14.7.el4_8.2
python-docs-0:2.3.4-14.7.el4_8.2
python-tools-0:2.3.4-14.7.el4_8.2
tkinter-0:2.3.4-14.7.el4_8.2

refmap via4

apple	APPLE-SA-2009-02-12
bid	28715
bugtraq	20080409 IOActive Security Advisory: Buffer overflow in Python zlib extension module 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components
confirm	http://bugs.python.org/issue2586 http://support.apple.com/kb/HT3438 http://support.avaya.com/css/P8/documents/100074697 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0149 http://www.vmware.com/security/advisories/VMSA-2009-0016.html https://issues.rpath.com/browse/RPL-2444
debian	DSA-1551 DSA-1620
gentoo	GLSA-200807-01
mandriva	MDVSA-2008:085
sectrack	1019823
secunia	29889 29955 30872 31255 31358 31365 33937 37471 38675
slackware	SSA:2008-217-01
sreason	3802
ubuntu	USN-632-1
vupen	ADV-2008-1229 ADV-2009-3316
xf	zlib-pystringfromstringandsize-bo(41748)

statements via4

contributor	Joshua Bressers
lastmodified	2008-04-15
organization	Red Hat
statement	Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=442005 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/

Last major update

05-07-2022 - 18:43

Published

10-04-2008 - 19:05

Last modified

05-07-2022 - 18:43