USN-729-1 -- python-crypto vulnerabilityID: oval:org.secpod.oval:def:700411 | Date: (C)2011-05-13 (M)2023-11-09 |
Class: PATCH | Family: unix |
Mike Wiacek discovered that the ARC2 implementation in Python Crypto did not correctly check the key length. If a user or automated system were tricked into processing a malicious ARC2 stream, a remote attacker could execute arbitrary code or crash the application using Python Crypto, leading to a denial of service.
Platform: |
Ubuntu 7.10 |
Ubuntu 8.04 |
Ubuntu 6.06 |
Ubuntu 8.10 |