Vulnerability CVE-2010-2089

Vulnerability Name:

CVE-2010-2089 (CCN-59066)

Assigned:

2010-01-11

Published:

2010-01-11

Updated:

2022-08-16

Summary:

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.8 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:TF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:TF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.3 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:TF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-787

Vulnerability Consequences:

Denial of Service

References:

Source: CCN
Type: python Issue 7673
audioop: check that length is a multiple of the size

Source: CONFIRM
Type: Patch, Vendor Advisory
http://bugs.python.org/issue7673

Source: MITRE
Type: CNA
CVE-2010-2089

Source: APPLE
Type: Mailing List, Third Party Advisory
APPLE-SA-2011-10-12-3

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2010-9652

Source: SUSE
Type: Mailing List, Third Party Advisory
SUSE-SR:2010:024

Source: SUSE
Type: Mailing List, Third Party Advisory
SUSE-SR:2011:002

Source: CCN
Type: RHSA-2011-0027
Low: python security, bug fix, and enhancement update

Source: CCN
Type: RHSA-2011-0491
Moderate: python security update

Source: CCN
Type: SA40148
Python audioop Module Denial of Service Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
40194

Source: SECUNIA
Type: Third Party Advisory
42888

Source: SECUNIA
Type: Third Party Advisory
43068

Source: SECUNIA
Type: Third Party Advisory
50858

Source: SECUNIA
Type: Third Party Advisory
51024

Source: SECUNIA
Type: Third Party Advisory
51040

Source: SECUNIA
Type: Third Party Advisory
51087

Source: CONFIRM
Type: Third Party Advisory
http://support.apple.com/kb/HT5002

Source: REDHAT
Type: Third Party Advisory
RHSA-2011:0027

Source: BID
Type: Third Party Advisory, VDB Entry
40863

Source: CCN
Type: BID-40863
Python 'audioop' Module Memory Corruption Vulnerability

Source: UBUNTU
Type: Third Party Advisory
USN-1596-1

Source: UBUNTU
Type: Third Party Advisory
USN-1613-1

Source: UBUNTU
Type: Third Party Advisory
USN-1613-2

Source: UBUNTU
Type: Third Party Advisory
USN-1616-1

Source: VUPEN
Type: Third Party Advisory
ADV-2010-1448

Source: VUPEN
Type: Third Party Advisory
ADV-2011-0122

Source: VUPEN
Type: Third Party Advisory
ADV-2011-0212

Source: CONFIRM
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=598197

Source: XF
Type: UNKNOWN
python-audioop-sizeargument-dos(59066)

Source: SUSE
Type: SUSE-SR:2010:024
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2011:002
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:python:python:*:*:*:*:*:*:*:* (Version >= 3.1.0 and < 3.1.3)

OR cpe:/a:python:python:*:*:*:*:*:*:*:* (Version >= 2.6.0 and < 2.6.6)

OR cpe:/a:python:python:*:*:*:*:*:*:*:* (Version >= 2.5.0 and < 2.5.6)

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration CCN 1:

cpe:/a:python:python:2.7.0:*:*:*:*:*:*:*

OR cpe:/a:python:python:3.2:-:*:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.1:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.1:*:*:*:x86_64:*:*:*

OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:*

OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:*

OR cpe:/o:mandriva:linux:2010:*:*:*:x86_64:*:*:*

OR cpe:/o:mandriva:linux:2010:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20102089	V	CVE-2010-2089	2022-05-20
oval:org.opensuse.security:def:29436	P	Security update for strongswan (Important)	2021-10-19
oval:org.opensuse.security:def:32208	P	Security update for strongswan (Important)	2021-10-19
oval:org.opensuse.security:def:29400	P	Security update for systemd (Important)	2021-07-21
oval:org.opensuse.security:def:32074	P	Security update for MozillaFirefox (Important)	2021-04-27
oval:org.opensuse.security:def:32000	P	Security update for python-setuptools (Important)	2020-12-02
oval:org.opensuse.security:def:32301	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:27990	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:33449	P	Security update for glibc	2020-12-01
oval:org.opensuse.security:def:28702	P	Security update for GPG2	2020-12-01
oval:org.opensuse.security:def:32445	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:28184	P	Security update for krb5 (Important)	2020-12-01
oval:org.opensuse.security:def:31988	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:28762	P	Security update for libqt4	2020-12-01
oval:org.opensuse.security:def:32657	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28325	P	Security update for perl (Moderate)	2020-12-01
oval:org.opensuse.security:def:32745	P	lvm2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28561	P	Security update for icedtea-web	2020-12-01
oval:org.opensuse.security:def:27979	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:32811	P	xterm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28663	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:32358	P	Security update for squidGuard (Moderate)	2020-12-01
oval:org.opensuse.security:def:28054	P	Security update for cyrus-imapd (Important)	2020-12-01
oval:org.opensuse.security:def:33488	P	Security update for Python	2020-12-01
oval:org.opensuse.security:def:28718	P	Security update for kdebase4-runtime	2020-12-01
oval:org.opensuse.security:def:32601	P	rsync on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28268	P	Security update for mercurial (Moderate)	2020-12-01
oval:org.opensuse.security:def:31989	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:32706	P	libcap-progs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28409	P	Security update for tidy (Low)	2020-12-01
oval:org.opensuse.security:def:27978	P	Security update for MozillaFirefox (Critical)	2020-12-01
oval:org.opensuse.security:def:32767	P	pcsc-lite on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28614	P	Security update for xorg-x11	2020-12-01
oval:org.mitre.oval:def:18043	P	USN-1596-1 -- python2.6 vulnerabilities	2014-07-07
oval:org.mitre.oval:def:17941	P	USN-1616-1 -- python3.1 vulnerabilities	2014-06-30
oval:org.mitre.oval:def:18020	P	USN-1613-2 -- python2.4 vulnerabilities	2014-06-30
oval:org.mitre.oval:def:17830	P	USN-1613-1 -- python2.5 vulnerabilities	2014-06-30
oval:org.mitre.oval:def:22821	P	ELSA-2011:0027: python security, bug fix, and enhancement update (Low)	2014-05-26
oval:org.mitre.oval:def:21921	P	RHSA-2011:0027: python security, bug fix, and enhancement update (Low)	2014-02-24
oval:com.redhat.rhsa:def:20110491	P	RHSA-2011:0491: python security update (Moderate)	2011-05-05
oval:com.redhat.rhsa:def:20110027	P	RHSA-2011:0027: python security, bug fix, and enhancement update (Low)	2011-01-13
oval:com.ubuntu.precise:def:20102089000	V	CVE-2010-2089 on Ubuntu 12.04 LTS (precise) - low.	2010-05-27

BACK