CVE-2004-0150
Summary
| CVE | CVE-2004-0150 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2004-04-15 04:00:00 UTC |
| Updated | 2023-08-02 18:00:00 UTC |
| Description | Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote attackers to execute arbitrary code via an IPv6 address that is obtained using DNS. |
Risk And Classification
Problem Types: CWE-120
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Python | Python | All | All | All | All |
| Application | Python Software Foundation | Python | 2.2 | All | All | All |
| Application | Python Software Foundation | Python | 2.2.1 | All | All | All |
| Application | Python Software Foundation | Python | 2.2 | All | All | All |
| Application | Python Software Foundation | Python | 2.2.1 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Mandrakesoft Security Advisories | MANDRAKE | www.mandrakesoft.com | |
| Python getaddrinfo Function Remote Buffer Overflow Vulnerability | BID | www.securityfocus.com | Patch, Vendor Advisory |
| 4172 | OSVDB | www.osvdb.org | |
| Debian -- Security Information -- DSA-458-3 python2.2 | DEBIAN | www.debian.org | Patch, Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Gentoo Linux Documentation -- Python 2.2: Buffer overflow in getaddrinfo() | GENTOO | www.gentoo.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.