Rapid7 Vulnerability & Exploit Database

RHSA-2009:1176: python security update

Python is an interpreted, interactive, object-oriented programming language.

When the assert() system call was disabled, an input sanitization flaw was revealed in the Python string object implementation that led to a buffer overflow. The missing check for negative size values meant the Python memory allocator could allocate less memory than expected. This could result in arbitrary code execution with the Python interpreter's privileges. (CVE-2008-1887)

Multiple buffer and integer overflow flaws were found in the Python Unicode string processing and in the Python Unicode and string object implementations. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-3142, CVE-2008-5031)

Multiple integer overflow flaws were found in the Python imageop module. If a Python application used the imageop module to process untrusted images, it could cause the application to disclose sensitive information, crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2007-4965, CVE-2008-4864)

Multiple integer underflow and overflow flaws were found in the Python snprintf() wrapper implementation. An attacker could use these flaws to cause a denial of service (memory corruption). (CVE-2008-3144)

Multiple integer overflow flaws were found in various Python modules. An attacker could use these flaws to cause a denial of service (Python application crash). (CVE-2008-2315, CVE-2008-3143)

An integer signedness error, leading to a buffer overflow, was found in the Python zlib extension module. If a Python application requested the negative byte count be flushed for a decompression stream, it could cause the application to crash or, potentially, execute arbitrary code with the Python interpreter's privileges. (CVE-2008-1721)

A flaw was discovered in the strxfrm() function of the Python locale module. Strings generated by this function were not properly NULL-terminated, which could possibly cause disclosure of data stored in the memory of a Python application using this function. (CVE-2007-2052)

Red Hat would like to thank David Remahl of the Apple Product Security team for responsibly reporting the CVE-2008-2315 issue.

All Python users should upgrade to these updated packages, which contain backported patches to correct these issues.
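Several of the issues above share one root cause: a size value reaches the allocator without being checked for a negative sign or for multiplication overflow, so the buffer that comes back is smaller than the data later written into it. The following C program is an added illustration of that class of defect and of the validation that prevents it; it is constructed for this page and is not Red Hat's backported patch or code from the Python interpreter. The names `checked_size`, `alloc_string_buffer` and `unchecked_product` are assumed for the example, and `ptrdiff_t` stands in for a signed size parameter of the same width as `size_t`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Outcome of validating an allocation request. */
enum alloc_status { ALLOC_OK = 0, ALLOC_NEGATIVE = 1, ALLOC_OVERFLOW = 2 };

/* Validate a request for `count` items of `elem_size` bytes each.
 * *out receives the total byte count only when the request is sound.
 * (Hypothetical helper written for this example.) */
enum alloc_status checked_size(ptrdiff_t count, size_t elem_size, size_t *out)
{
    if (count < 0)
        return ALLOC_NEGATIVE;              /* reject negative sizes outright */
    if (elem_size != 0 && (size_t)count > SIZE_MAX / elem_size)
        return ALLOC_OVERFLOW;              /* count * elem_size would wrap */
    *out = (size_t)count * elem_size;
    return ALLOC_OK;
}

/* Allocate room for `len` characters plus a terminating NUL, refusing
 * negative or overflowing lengths and always writing the terminator. */
char *alloc_string_buffer(ptrdiff_t len)
{
    size_t bytes;
    if (checked_size(len, 1, &bytes) != ALLOC_OK)
        return NULL;
    if (bytes == SIZE_MAX)                  /* no room left for the NUL */
        return NULL;
    char *buf = malloc(bytes + 1);
    if (buf != NULL)
        buf[bytes] = '\0';                  /* terminated even before any copy */
    return buf;
}

/* The unchecked computation, kept only to show what goes wrong: a negative
 * count converts to a huge size_t, and a large product silently wraps to a
 * small one. Returns the wrapped value instead of allocating with it. */
size_t unchecked_product(ptrdiff_t count, size_t elem_size)
{
    return (size_t)count * elem_size;       /* no validation at all */
}

int main(void)
{
    size_t n;
    printf("checked_size(16, 4): status=%d\n", checked_size(16, 4, &n));
    printf("checked_size(-1, 4): status=%d\n", checked_size(-1, 4, &n));
    printf("checked_size(PTRDIFF_MAX, 4): status=%d\n",
           checked_size(PTRDIFF_MAX, 4, &n));
    printf("unchecked_product(-1, 1) = %zu (SIZE_MAX is %zu)\n",
           unchecked_product(-1, 1), (size_t)SIZE_MAX);
    printf("unchecked_product(PTRDIFF_MAX, 4) wraps to %zu\n",
           unchecked_product(PTRDIFF_MAX, 4));

    char *s = alloc_string_buffer(8);
    if (s != NULL) {
        strcpy(s, "hello");
        printf("buffer: \"%s\"\n", s);
        free(s);
    }
    return 0;
}
```

The two checks in `checked_size` are the ones an auditor looks for around every allocation that derives its size from input: a sign test before the value is converted to an unsigned type, and a division-based bound test before the multiplication, since testing the product after the fact cannot detect a wrap that has already happened.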


  • redhat-upgrade-python
  • redhat-upgrade-python-devel
  • redhat-upgrade-python-tools
  • redhat-upgrade-tkinter
