UBUNTU-CVE-2013-1752

Source
https://ubuntu.com/security/CVE-2013-1752
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2013/UBUNTU-CVE-2013-1752.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2013-1752
Related
Published
2013-12-26T00:00:00Z
Modified
2013-12-26T00:00:00Z
Summary
[none]
Details

* REJECT * Various versions of Python do not properly restrict readline calls, which allows remote attackers to cause a denial of service (memory consumption) via a long string, related to (1) httplib - fixed in 2.7.4, 2.6.9, and 3.3.3; (2) ftplib - fixed in 2.7.6, 2.6.9, 3.3.3; (3) imaplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; (4) nntplib - fixed in 2.7.6, 2.6.9, 3.3.3; (5) poplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; and (6) smtplib - not yet fixed in 2.7.x, fixed in 2.6.9, not yet fixed in 3.3.x. NOTE: this was REJECTed because it is incompatible with CNT1 "Independently Fixable" in the CVE Counting Decisions.

References

Affected packages

Ubuntu:14.04:LTS / python2.7

Package

Name
python2.7
Purl
pkg:deb/ubuntu/python2.7?arch=src?distro=trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.6-8ubuntu0.2

Affected versions

2.*

2.7.5-8ubuntu3
2.7.5-8ubuntu4
2.7.6-2
2.7.6-2ubuntu1
2.7.6-3
2.7.6-3ubuntu1
2.7.6-4
2.7.6-4ubuntu1
2.7.6-5
2.7.6-7
2.7.6-8

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "low",
    "binaries": [
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "idle-python2.7"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "libpython2.7"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "libpython2.7-dbg"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "libpython2.7-dbgsym"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "libpython2.7-dev"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "libpython2.7-dev-dbgsym"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "libpython2.7-minimal"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "libpython2.7-minimal-dbgsym"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "libpython2.7-stdlib"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "libpython2.7-stdlib-dbgsym"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "libpython2.7-testsuite"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "python2.7"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "python2.7-dbg"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "python2.7-dbgsym"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "python2.7-dev"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "python2.7-dev-dbgsym"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "python2.7-doc"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "python2.7-examples"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "python2.7-minimal"
        },
        {
            "binary_version": "2.7.6-8ubuntu0.2",
            "binary_name": "python2.7-minimal-dbgsym"
        }
    ]
}