Rapid7 Vulnerability & Exploit Database

SuSE: python 2.3.4-3.2

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

SuSE: python 2.3.4-3.2

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

05/02/2005

Created

07/25/2018

Added

11/08/2005

Modified

11/18/2015

Description

The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote attackers to read or modify globals of the associated module, and possibly execute arbitrary code, via dotted attributes.

Solution(s)

References

https://attackerkb.com/topics/cve-2005-0089
12437
CVE - 2005-0089
DSA-666
MDKSA-2005:035
OVAL9811
RHSA-2005:108
http://marc.theaimsgroup.com/?l=bugtraq&m=110746469728728&w=2
http://python.org/security/PSF-2005-001/patch-2.2.txt
http://www.novell.com/linux/download/updates/92_x86_64.html
http://www.python.org/security/PSF-2005-001/
http://www.trustix.org/errata/2005/0003/
19217

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

SuSE: python 2.3.4-3.2

SuSE: python 2.3.4-3.2

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.