• info
• discussion
• exploit
• solution
• references

PyCrypto ARC2 Module Buffer Overflow Vulnerability

Solution:
Updates are available. Please see the references for more information.


Mandriva Linux Mandrake 2008.1 x86_64

• Mandriva pycrypto-2.0.1-2.1mdv2008.1.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva pycrypto-2.0.1-2.2mdv2008.1.x86_64.rpm
  http://www.mandriva.com/en/download/

Ubuntu Ubuntu Linux 7.10 powerpc

• Ubuntu python-crypto-dbg_2.0.1+dfsg1-2ubuntu1.1_powerpc.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto-dbg_2.0.1+dfsg1-2ubuntu1.1_powerpc.deb


• Ubuntu python-crypto_2.0.1+dfsg1-2ubuntu1.1_powerpc.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto_2.0.1+dfsg1-2ubuntu1.1_powerpc.deb

Mandriva Linux Mandrake 2008.1

• Mandriva pycrypto-2.0.1-2.1mdv2008.1.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva pycrypto-2.0.1-2.2mdv2008.1.i586.rpm
  http://www.mandriva.com/en/download/

Debian Linux 5.0 ia-64

• Debian python-crypto-dbg_2.0.1+dfsg1-2.3+lenny0_ia64.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto-dbg_2.0.1+dfsg1-2.3+lenny0_ia64.deb


• Debian python-crypto_2.0.1+dfsg1-2.3+lenny0_ia64.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto_2.0.1+dfsg1-2.3+lenny0_ia64.deb

Ubuntu Ubuntu Linux 8.04 LTS powerpc

• Ubuntu python-crypto-dbg_2.0.1+dfsg1-2.1ubuntu1.1_powerpc.deb
  http://ports.ubuntu.com/pool/main/p/python-crypto/python-crypto-dbg_2. 0.1+dfsg1-2.1ubuntu1.1_powerpc.deb


• Ubuntu python-crypto_2.0.1+dfsg1-2.1ubuntu1.1_powerpc.deb
  http://ports.ubuntu.com/pool/main/p/python-crypto/python-crypto_2.0.1+ dfsg1-2.1ubuntu1.1_powerpc.deb

Ubuntu Ubuntu Linux 8.10 powerpc

• Ubuntu python-crypto-dbg_2.0.1+dfsg1-2.3ubuntu0.1_powerpc.deb
  http://ports.ubuntu.com/pool/main/p/python-crypto/python-crypto-dbg_2. 0.1+dfsg1-2.3ubuntu0.1_powerpc.deb


• Ubuntu python-crypto_2.0.1+dfsg1-2.3ubuntu0.1_powerpc.deb
  http://ports.ubuntu.com/pool/main/p/python-crypto/python-crypto_2.0.1+ dfsg1-2.3ubuntu0.1_powerpc.deb

Ubuntu Ubuntu Linux 8.10 i386

• Ubuntu python-crypto-dbg_2.0.1+dfsg1-2.3ubuntu0.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto-dbg_2.0.1+dfsg1-2.3ubuntu0.1_i386.deb


• Ubuntu python-crypto_2.0.1+dfsg1-2.3ubuntu0.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto_2.0.1+dfsg1-2.3ubuntu0.1_i386.deb

Ubuntu Ubuntu Linux 8.04 LTS sparc

• Ubuntu python-crypto-dbg_2.0.1+dfsg1-2.1ubuntu1.1_sparc.deb
  http://ports.ubuntu.com/pool/main/p/python-crypto/python-crypto-dbg_2. 0.1+dfsg1-2.1ubuntu1.1_sparc.deb


• Ubuntu python-crypto_2.0.1+dfsg1-2.1ubuntu1.1_sparc.deb
  http://ports.ubuntu.com/pool/main/p/python-crypto/python-crypto_2.0.1+ dfsg1-2.1ubuntu1.1_sparc.deb

Ubuntu Ubuntu Linux 6.06 LTS sparc

• Ubuntu python-crypto_2.0.1+dfsg1-1ubuntu1.1_sparc.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto_2.0.1+dfsg1-1ubuntu1.1_sparc.deb


• Ubuntu python2.4-crypto_2.0.1+dfsg1-1ubuntu1.1_sparc.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python2.4- crypto_2.0.1+dfsg1-1ubuntu1.1_sparc.deb

Debian Linux 5.0 alpha

• Debian python-crypto-dbg_2.0.1+dfsg1-2.3+lenny0_alpha.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto-dbg_2.0.1+dfsg1-2.3+lenny0_alpha.deb


• Debian python-crypto_2.0.1+dfsg1-2.3+lenny0_alpha.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto_2.0.1+dfsg1-2.3+lenny0_alpha.deb

Debian Linux 5.0 ia-32

• Debian python-crypto-dbg_2.0.1+dfsg1-2.3+lenny0_i386.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto-dbg_2.0.1+dfsg1-2.3+lenny0_i386.deb


• Debian python-crypto_2.0.1+dfsg1-2.3+lenny0_i386.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto_2.0.1+dfsg1-2.3+lenny0_i386.deb

Mandriva Linux Mandrake 2008.0 x86_64

• Mandriva pycrypto-2.0.1-1.1mdv2008.0.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva pycrypto-2.0.1-1.2mdv2008.0.x86_64.rpm
  http://www.mandriva.com/en/download/

Ubuntu Ubuntu Linux 8.04 LTS amd64

• Ubuntu python-crypto-dbg_2.0.1+dfsg1-2.1ubuntu1.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto-dbg_2.0.1+dfsg1-2.1ubuntu1.1_amd64.deb


• Ubuntu python-crypto_2.0.1+dfsg1-2.1ubuntu1.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto_2.0.1+dfsg1-2.1ubuntu1.1_amd64.deb

Ubuntu Ubuntu Linux 6.06 LTS powerpc

• Ubuntu python-crypto_2.0.1+dfsg1-1ubuntu1.1_powerpc.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto_2.0.1+dfsg1-1ubuntu1.1_powerpc.deb


• Ubuntu python2.4-crypto_2.0.1+dfsg1-1ubuntu1.1_powerpc.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python2.4- crypto_2.0.1+dfsg1-1ubuntu1.1_powerpc.deb

Debian Linux 5.0 s/390

• Debian python-crypto-dbg_2.0.1+dfsg1-2.3+lenny0_s390.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto-dbg_2.0.1+dfsg1-2.3+lenny0_s390.deb


• Debian python-crypto_2.0.1+dfsg1-2.3+lenny0_s390.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto_2.0.1+dfsg1-2.3+lenny0_s390.deb

Mandriva Linux Mandrake 2008.0

• Mandriva pycrypto-2.0.1-1.1mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva pycrypto-2.0.1-1.2mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/

Ubuntu Ubuntu Linux 7.10 sparc

• Ubuntu python-crypto-dbg_2.0.1+dfsg1-2ubuntu1.1_sparc.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto-dbg_2.0.1+dfsg1-2ubuntu1.1_sparc.deb


• Ubuntu python-crypto_2.0.1+dfsg1-2ubuntu1.1_sparc.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto_2.0.1+dfsg1-2ubuntu1.1_sparc.deb

Debian Linux 5.0 mipsel

• Debian python-crypto-dbg_2.0.1+dfsg1-2.3+lenny0_mipsel.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto-dbg_2.0.1+dfsg1-2.3+lenny0_mipsel.deb


• Debian python-crypto_2.0.1+dfsg1-2.3+lenny0_mipsel.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto_2.0.1+dfsg1-2.3+lenny0_mipsel.deb

Ubuntu Ubuntu Linux 8.04 LTS lpia

• Ubuntu python-crypto-dbg_2.0.1+dfsg1-2.1ubuntu1.1_lpia.deb
  http://ports.ubuntu.com/pool/main/p/python-crypto/python-crypto-dbg_2. 0.1+dfsg1-2.1ubuntu1.1_lpia.deb


• Ubuntu python-crypto_2.0.1+dfsg1-2.1ubuntu1.1_lpia.deb
  http://ports.ubuntu.com/pool/main/p/python-crypto/python-crypto_2.0.1+ dfsg1-2.1ubuntu1.1_lpia.deb

Ubuntu Ubuntu Linux 6.06 LTS i386

• Ubuntu python-crypto_2.0.1+dfsg1-1ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto_2.0.1+dfsg1-1ubuntu1.1_i386.deb


• Ubuntu python2.4-crypto_2.0.1+dfsg1-1ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python2.4- crypto_2.0.1+dfsg1-1ubuntu1.1_i386.deb

Ubuntu Ubuntu Linux 7.10 lpia

• Ubuntu python-crypto-dbg_2.0.1+dfsg1-2ubuntu1.1_lpia.deb
  http://ports.ubuntu.com/pool/main/p/python-crypto/python-crypto-dbg_2. 0.1+dfsg1-2ubuntu1.1_lpia.deb


• Ubuntu python-crypto_2.0.1+dfsg1-2ubuntu1.1_lpia.deb
  http://ports.ubuntu.com/pool/main/p/python-crypto/python-crypto_2.0.1+ dfsg1-2ubuntu1.1_lpia.deb

Ubuntu Ubuntu Linux 8.10 lpia

• Ubuntu python-crypto-dbg_2.0.1+dfsg1-2.3ubuntu0.1_lpia.deb
  http://ports.ubuntu.com/pool/main/p/python-crypto/python-crypto-dbg_2. 0.1+dfsg1-2.3ubuntu0.1_lpia.deb


• Ubuntu python-crypto_2.0.1+dfsg1-2.3ubuntu0.1_lpia.deb
  http://ports.ubuntu.com/pool/main/p/python-crypto/python-crypto_2.0.1+ dfsg1-2.3ubuntu0.1_lpia.deb

Ubuntu Ubuntu Linux 7.10 i386

• Ubuntu python-crypto-dbg_2.0.1+dfsg1-2ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto-dbg_2.0.1+dfsg1-2ubuntu1.1_i386.deb


• Ubuntu python-crypto_2.0.1+dfsg1-2ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto_2.0.1+dfsg1-2ubuntu1.1_i386.deb

Ubuntu Ubuntu Linux 6.06 LTS amd64

• Ubuntu python-crypto_2.0.1+dfsg1-1ubuntu1.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto_2.0.1+dfsg1-1ubuntu1.1_amd64.deb


• Ubuntu python2.4-crypto_2.0.1+dfsg1-1ubuntu1.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python2.4- crypto_2.0.1+dfsg1-1ubuntu1.1_amd64.deb

Ubuntu Ubuntu Linux 8.10 sparc

• Ubuntu python-crypto-dbg_2.0.1+dfsg1-2.3ubuntu0.1_sparc.deb
  http://ports.ubuntu.com/pool/main/p/python-crypto/python-crypto-dbg_2. 0.1+dfsg1-2.3ubuntu0.1_sparc.deb


• Ubuntu python-crypto_2.0.1+dfsg1-2.3ubuntu0.1_sparc.deb
  http://ports.ubuntu.com/pool/main/p/python-crypto/python-crypto_2.0.1+ dfsg1-2.3ubuntu0.1_sparc.deb

Debian Linux 5.0 arm

• Debian python-crypto-dbg_2.0.1+dfsg1-2.3+lenny0_arm.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto-dbg_2.0.1+dfsg1-2.3+lenny0_arm.deb


• Debian python-crypto_2.0.1+dfsg1-2.3+lenny0_arm.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto_2.0.1+dfsg1-2.3+lenny0_arm.deb

Mandriva Linux Mandrake 2009.0

• Mandriva pycrypto-2.0.1-3.1mdv2009.0.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva pycrypto-2.0.1-3.2mdv2009.0.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva python-pycrypto-2.0.1-4.1mdv2009.0.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva python-pycrypto-2.0.1-4.2mdv2009.0.i586.rpm
  http://www.mandriva.com/en/download/

Debian Linux 5.0 armel

• Debian python-crypto-dbg_2.0.1+dfsg1-2.3+lenny0_armel.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto-dbg_2.0.1+dfsg1-2.3+lenny0_armel.deb


• Debian python-crypto_2.0.1+dfsg1-2.3+lenny0_armel.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto_2.0.1+dfsg1-2.3+lenny0_armel.deb

MandrakeSoft Corporate Server 4.0

• Mandriva pycrypto-2.0-1.1.20060mlcs4.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva pycrypto-2.0-1.2.20060mlcs4.i586.rpm
  http://www.mandriva.com/en/download/

Ubuntu Ubuntu Linux 7.10 amd64

• Ubuntu python-crypto-dbg_2.0.1+dfsg1-2ubuntu1.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto-dbg_2.0.1+dfsg1-2ubuntu1.1_amd64.deb


• Ubuntu python-crypto_2.0.1+dfsg1-2ubuntu1.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto_2.0.1+dfsg1-2ubuntu1.1_amd64.deb

Ubuntu Ubuntu Linux 8.04 LTS i386

• Ubuntu python-crypto-dbg_2.0.1+dfsg1-2.1ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto-dbg_2.0.1+dfsg1-2.1ubuntu1.1_i386.deb


• Ubuntu python-crypto_2.0.1+dfsg1-2.1ubuntu1.1_i386.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto_2.0.1+dfsg1-2.1ubuntu1.1_i386.deb

Debian Linux 5.0 amd64

• Debian python-crypto-dbg_2.0.1+dfsg1-2.3+lenny0_amd64.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto-dbg_2.0.1+dfsg1-2.3+lenny0_amd64.deb


• Debian python-crypto_2.0.1+dfsg1-2.3+lenny0_amd64.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto_2.0.1+dfsg1-2.3+lenny0_amd64.deb

Mandriva Linux Mandrake 2009.0 x86_64

• Mandriva pycrypto-2.0.1-3.1mdv2009.0.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva pycrypto-2.0.1-3.2mdv2009.0.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva python-pycrypto-2.0.1-4.1mdv2009.0.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva python-pycrypto-2.0.1-4.2mdv2009.0.x86_64.rpm
  http://www.mandriva.com/en/download/

Debian Linux 5.0 mips

• Debian python-crypto-dbg_2.0.1+dfsg1-2.3+lenny0_mips.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto-dbg_2.0.1+dfsg1-2.3+lenny0_mips.deb


• Debian python-crypto_2.0.1+dfsg1-2.3+lenny0_mips.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto_2.0.1+dfsg1-2.3+lenny0_mips.deb

Debian Linux 5.0 powerpc

• Debian python-crypto-dbg_2.0.1+dfsg1-2.3+lenny0_powerpc.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto-dbg_2.0.1+dfsg1-2.3+lenny0_powerpc.deb


• Debian python-crypto_2.0.1+dfsg1-2.3+lenny0_powerpc.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto_2.0.1+dfsg1-2.3+lenny0_powerpc.deb

Ubuntu Ubuntu Linux 8.10 amd64

• Ubuntu python-crypto-dbg_2.0.1+dfsg1-2.3ubuntu0.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto-dbg_2.0.1+dfsg1-2.3ubuntu0.1_amd64.deb


• Ubuntu python-crypto_2.0.1+dfsg1-2.3ubuntu0.1_amd64.deb
  http://security.ubuntu.com/ubuntu/pool/main/p/python-crypto/python-cry pto_2.0.1+dfsg1-2.3ubuntu0.1_amd64.deb

Debian Linux 5.0 sparc

• Debian python-crypto_2.0.1+dfsg1-2.3+lenny0_sparc.deb
  http://security.debian.org/pool/updates/main/p/python-crypto/python-cr ypto_2.0.1+dfsg1-2.3+lenny0_sparc.deb

MandrakeSoft Corporate Server 4.0 x86_64

• Mandriva pycrypto-2.0-1.1.20060mlcs4.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva pycrypto-2.0-1.2.20060mlcs4.x86_64.rpm
  http://www.mandriva.com/en/download/