Summary
The remote host is missing an update to python2.3
announced via advisory DSA 1198-1.
Benjamin C. Wiley Sittler discovered that the repr() of the Python interpreter allocates insufficient memory when parsing UCS-4 Unicode strings, which might lead to execution of arbitrary code through a buffer overflow.
Solution
For the stable distribution (sarge) this problem has been fixed in version 2.3.5-3sarge2. Due to build problems this update lacks fixed packages for the Alpha and Sparc architectures. Once they are sorted out, fixed binaries will be released.
For the unstable distribution (sid) this problem has been fixed in version 2.3.5-16.
We recommend that you upgrade your Python 2.3 packages.
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201198-1
Severity
Classification
-
CVE CVE-2006-4980 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities