• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Python 'Imageop' Module Argument Validation Buffer Overflow Vulnerability

Bugtraq ID:	31932
Class:	Boundary Condition Error
CVE:	CVE-2008-4864
Remote:	Yes
Local:	No
Published:	Oct 27 2008 12:00AM
Updated:	Nov 21 2009 12:06AM
Credit:	Reported by the vendor.
Vulnerable:	VMWare vMA 4.0 VMWare ESX Server 3.0.3 VMWare ESX Server 2.5.5 VMWare ESX Server 4.0 VMWare ESX Server 3.5 Ubuntu Ubuntu Linux 8.10 sparc Ubuntu Ubuntu Linux 8.10 powerpc Ubuntu Ubuntu Linux 8.10 lpia Ubuntu Ubuntu Linux 8.10 i386 Ubuntu Ubuntu Linux 8.10 amd64 Ubuntu Ubuntu Linux 8.04 LTS sparc Ubuntu Ubuntu Linux 8.04 LTS powerpc Ubuntu Ubuntu Linux 8.04 LTS lpia Ubuntu Ubuntu Linux 8.04 LTS i386 Ubuntu Ubuntu Linux 8.04 LTS amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux Desktop Workstation 5 client RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux AS 4 RedHat Enterprise Linux AS 3 RedHat Enterprise Linux Desktop version 4 RedHat Enterprise Linux 5 server RedHat Desktop 3.0 Python Software Foundation Python 2.5.2 Python Software Foundation Python 2.5.1 Python Software Foundation Python 2.4.5 Python Software Foundation Python 2.4.4 r14 Python Software Foundation Python 2.4.4 Python Software Foundation Python 2.4.3 + Trustix Secure Linux 3.0.5 Python Software Foundation Python 2.4.2 Python Software Foundation Python 2.4.1 Python Software Foundation Python 2.4 Python Software Foundation Python 2.3.6 Python Software Foundation Python 2.3.5 Python Software Foundation Python 2.3.4 + MandrakeSoft Linux Mandrake 10.1 x86_64 + MandrakeSoft Linux Mandrake 10.1 + S.u.S.E. Linux Personal 9.2 x86_64 + S.u.S.E. Linux Personal 9.2 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 Python Software Foundation Python 2.3.3 + MandrakeSoft Corporate Server 3.0 x86_64 + MandrakeSoft Corporate Server 3.0 + MandrakeSoft Linux Mandrake 10.0 AMD64 + MandrakeSoft Linux Mandrake 10.0 + MandrakeSoft Linux Mandrake 9.2 amd64 + MandrakeSoft Linux Mandrake 9.2 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 Python Software Foundation Python 2.3.2 Python Software Foundation Python 2.3.1 Python Software Foundation Python 2.3 b1 Python Software Foundation Python 2.3 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 Python Software Foundation Python 2.2.3 + RedHat Desktop 3.0 + RedHat Enterprise Linux AS 3 + RedHat Enterprise Linux ES 3 + RedHat Enterprise Linux WS 3 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 Python Software Foundation Python 2.2.2 + OpenPKG OpenPKG 1.2 + RedHat Linux 7.3 + S.u.S.E. Linux Personal 8.2 Python Software Foundation Python 2.2.1 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 + Gentoo Linux 1.4 _rc1 + Gentoo Linux 1.2 + MandrakeSoft Corporate Server 2.1 x86_64 + MandrakeSoft Corporate Server 2.1 + MandrakeSoft Linux Mandrake 9.0 + OpenPKG OpenPKG 1.1 + S.u.S.E. Linux 8.1 Python Software Foundation Python 2.2 + Conectiva Linux 8.0 + MandrakeSoft Linux Mandrake 8.2 ppc + MandrakeSoft Linux Mandrake 8.2 + MandrakeSoft Linux Mandrake 8.1 ia64 + MandrakeSoft Linux Mandrake 8.1 Python Software Foundation Python 2.1.3 + Debian Linux 3.0 Python Software Foundation Python 2.1.2 Python Software Foundation Python 2.1.1 + RedHat Linux 7.2 + Sun Linux 5.0.7 Python Software Foundation Python 2.1 + Conectiva Linux 7.0 + Debian Linux 3.1 sparc + Debian Linux 3.1 s/390 + Debian Linux 3.1 ppc + Debian Linux 3.1 mipsel + Debian Linux 3.1 mips + Debian Linux 3.1 m68k + Debian Linux 3.1 ia-64 + Debian Linux 3.1 ia-32 + Debian Linux 3.1 hppa + Debian Linux 3.1 arm + Debian Linux 3.1 amd64 + Debian Linux 3.1 alpha + Debian Linux 3.1 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 Python Software Foundation Python 2.0.1 Python Software Foundation Python 2.0 + MandrakeSoft Linux Mandrake 8.0 ppc + MandrakeSoft Linux Mandrake 8.0 Python Software Foundation Python 1.6.1 Python Software Foundation Python 1.6 Python Software Foundation Python 1.5.2 + Caldera OpenLinux Server 3.1.1 + Caldera OpenLinux Server 3.1 + Caldera OpenLinux Workstation 3.1.1 + Caldera OpenLinux Workstation 3.1 + Conectiva Linux 6.0 + Debian Linux 3.0 + Debian Linux 2.2 sparc + Debian Linux 2.2 powerpc + Debian Linux 2.2 IA-32 + Debian Linux 2.2 arm + Debian Linux 2.2 alpha + Debian Linux 2.2 68k + Debian Linux 2.2 + MandrakeSoft Linux Mandrake 7.2 + MandrakeSoft Single Network Firewall 7.2 + RedHat Linux 7.3 + RedHat Linux 7.2 + RedHat Linux 7.1 + RedHat Linux 7.0 + RedHat Linux 6.2 + RedHat Linux for iSeries 7.1 + RedHat Linux for pSeries 7.1 + Sun Linux 5.0.7 + Trustix Secure Linux 1.5 Python Software Foundation Python 2.5
Not Vulnerable:	VMWare vMA 4.0 Patch 2 Python Software Foundation Python 2.5.2 r6