CVE-2008-2316
Summary
| CVE | CVE-2008-2316 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2008-08-01 14:41:00 UTC |
|---|
| Updated | 2023-08-02 18:52:00 UTC |
|---|
| Description | Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB." |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| The Slackware Linux Project: Slackware Security Advisories |
SLACKWARE |
slackware.com |
|
| rPath update for idle and python - Advisories - Community |
SECUNIA |
secunia.com |
|
| wiki.rpath.com/Advisories:rPSA-2008-0243 |
CONFIRM |
wiki.rpath.com |
|
| IBM X-Force Exchange |
XF |
exchange.xforce.ibmcloud.com |
|
| APPLE-SA-2009-02-12 Security Update 2009-001 |
APPLE |
lists.apple.com |
|
| Ubuntu update for python - Secunia Advisories - Vulnerability Intelligence - Secunia.com |
SECUNIA |
secunia.com |
|
| SUSE update for python - Advisories - Secunia |
SECUNIA |
secunia.com |
|
| Gentoo Linux Documentation
--
Python: Multiple vulnerabilities |
GENTOO |
security.gentoo.org |
|
| USN-632-1: Python vulnerabilities | Ubuntu |
UBUNTU |
www.ubuntu.com |
|
| Slackware update for python - Secunia Advisories - Vulnerability Information - Secunia.com |
SECUNIA |
secunia.com |
|
| SUSE Update for Multiple Packages - Secunia Advisories - Vulnerability Intelligence - Secunia.com |
SECUNIA |
secunia.com |
|
| [security-announce] SUSE Security Summary Report SUSE-SR:2008:017 |
SUSE |
lists.opensuse.org |
|
| Gentoo Bug 230640 - dev-lang/python <2.4.4-r14 integer overflows (CVE-2008-2315, CVE-2008-2316) |
CONFIRM |
bugs.gentoo.org |
|
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH |
VUPEN |
www.vupen.com |
|
| SecurityFocus |
BUGTRAQ |
www.securityfocus.com |
|
| Support | Micro Focus |
CONFIRM |
www.novell.com |
|
| Support / Security / Advisories / / MDVSA-2008:163 | Mandriva |
MANDRIVA |
www.mandriva.com |
|
| IBM X-Force Exchange |
XF |
exchange.xforce.ibmcloud.com |
|
| bugs.gentoo.org/attachment.cgi |
CONFIRM |
bugs.gentoo.org |
Exploit |
| Apple Mac OS X Security Update Fixes Multiple Vulnerabilities - Secunia Advisories - Vulnerability Information - Secunia.com |
SECUNIA |
secunia.com |
|
| About the security content of Security Update 2009-001 |
CONFIRM |
support.apple.com |
|
| Python Multiple Buffer Overflow Vulnerabilities |
BID |
www.securityfocus.com |
|
| Python Multiple Vulnerabilities - Secunia Advisories - Vulnerability Information - Secunia.com |
SECUNIA |
secunia.com |
|
| Gentoo update for python - Secunia Advisories - Vulnerability Intelligence - Secunia.com |
SECUNIA |
secunia.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
Vendor Comments And Credit
| Organization | Published | Contributor | Statement |
|---|
| Red Hat | 2008-08-04 | Tomas Hoger | Not vulnerable. This issue did not affect the versions of python as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5. Affected module was only introduced upstream in python 2.5. |
There are currently no legacy QID mappings associated with this CVE.
