Python getaddrinfo Function Remote Buffer Overflow Vulnerability

It has been reported that Python may be prone to a remote buffer overflow vulnerability that may allow an attacker to execute arbitrary code on a vulnerable system in order to gain unauthorized access. The issue exists due to insufficient boundary checks performed by the 'getaddrinfo' function and occurs when an IPv6 address of excessive length is sent to a vulnerable host via DNS.
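An added illustration of the class of defect described above, not Python's own code and not taken from the advisory: a resolver-supplied address is copied into a fixed-size socket address structure only after its length is checked against the destination for the stated address family. The helper name `copy_resolved_addr` and the sample byte arrays are constructed for this example.

```c
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>

/* Constructed sample inputs: a well-formed 16-byte IPv6 address and an
 * oversized blob standing in for an address of excessive length. */
const unsigned char SAMPLE_V6[16] = {0x20, 0x01, 0x0d, 0xb8, 0, 0, 0, 0,
                                     0, 0, 0, 0, 0, 0, 0, 1};
const unsigned char SAMPLE_OVERSIZED[64] = {0x41};

/* Hypothetical helper: copy one resolver-supplied address into 'out'.
 * The length reported by the resolver is untrusted, so it must match the
 * destination field exactly. Returns 0 on success, -1 if rejected. */
int copy_resolved_addr(struct sockaddr_storage *out, int family,
                       const unsigned char *addr, size_t addr_len)
{
    memset(out, 0, sizeof(*out));
    if (addr == NULL)
        return -1;
    if (family == AF_INET) {
        struct sockaddr_in *sin = (struct sockaddr_in *)out;
        if (addr_len != sizeof(sin->sin_addr))   /* IPv4: exactly 4 bytes */
            return -1;
        sin->sin_family = AF_INET;
        memcpy(&sin->sin_addr, addr, sizeof(sin->sin_addr));
        return 0;
    }
    if (family == AF_INET6) {
        struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)out;
        if (addr_len != sizeof(sin6->sin6_addr)) /* IPv6: exactly 16 bytes */
            return -1;
        sin6->sin6_family = AF_INET6;
        memcpy(&sin6->sin6_addr, addr, sizeof(sin6->sin6_addr));
        return 0;
    }
    return -1; /* unknown family: never copy */
}

int main(void)
{
    struct sockaddr_storage ss;
    printf("valid v6:        %d\n",
           copy_resolved_addr(&ss, AF_INET6, SAMPLE_V6, sizeof(SAMPLE_V6)));
    printf("oversized v6:    %d\n", copy_resolved_addr(&ss, AF_INET6,
           SAMPLE_OVERSIZED, sizeof(SAMPLE_OVERSIZED)));
    printf("v6 bytes as v4:  %d\n",
           copy_resolved_addr(&ss, AF_INET, SAMPLE_V6, sizeof(SAMPLE_V6)));
    return 0;
}
```

The copy length is always the size of the destination field, never the length the resolver reported, so a mismatched record is dropped instead of truncated or overflowed.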

It has been reported that this issue affects Python versions 2.2 and 2.2.1.

Due to a lack of information, further details cannot be outlined at the moment. This BID will be updated as more information becomes available.


Copyright 2010, SecurityFocus