Python 2.2: Buffer overflow in getaddrinfo()

Python 2.2: Buffer overflow in getaddrinfo() Python 2.2 has a vulnerability in DNS handling when IPV6 is disabled and a malformed IPV6 address is encountered by getaddrinfo(). Python 2004-09-02 2004-09-02 62440 remote 2.2.2 2.2 2.2.2

Python is an interpreted, interactive, object-oriented, cross-platform programming language.

If IPV6 is disabled in Python 2.2, getaddrinfo() is not able to handle IPV6 DNS requests properly and a buffer overflow occurs.

An attacker can execute arbitrary code as the user running python.

Users with IPV6 enabled are not affected by this vulnerability.

All Python 2.2 users should upgrade to the latest version:


    # emerge sync

    # emerge -pv ">=dev-lang/python-2.2.2"
    # emerge ">=dev-lang/python-2.2.2"

CVE-2004-0150 OSVDB:4172 chriswhite