Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200409-03] Python 2.2: Buffer overflow in getaddrinfo() Vulnerability Scan
Vulnerability Scan Summary
Python 2.2: Buffer overflow in getaddrinfo()
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200409-03
(Python 2.2: Buffer overflow in getaddrinfo())
If IPV6 is disabled in Python 2.2, getaddrinfo() is not able to handle IPV6
DNS requests properly and a buffer overflow occurs.
A possible hacker can execute arbitrary code as the user running python.
Users with IPV6 enabled are not affected by this vulnerability.
All Python 2.2 users should upgrade to the latest version:
# emerge sync
# emerge -pv ">=dev-lang/python-2.2.2"
# emerge ">=dev-lang/python-2.2.2"
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.