Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0150

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-0150
Last Modified 10 Sep 2008 03:25:16
Published 15 Apr 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0150

Summary

Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote attackers to execute arbitrary code via an IPv6 address that is obtained using DNS.

Vulnerable Systems

Application

  • Python Software Foundation Python 2.2

  • Python Software Foundation Python 2.2.1


References

BID - 9836

DEBIAN - DSA-458

XF - python-getaddrinfo-bo(15409)

OSVDB - 4172

MANDRAKE - MDKSA-2004:019

GENTOO - GLSA-200409-03


Last Updated: 27 May 2016 10:38:30