Main Vulnerability Database Vulnerabilities #VU110172

Buffer overflow in Python - CVE-2004-0150

Published: August 2, 2023 / Updated: June 3, 2025

Vulnerability identifier: #VU110172

CSH Severity: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2004-0150

CWE-ID: CWE-120

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Python

Software vendor:
Python.org

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote attackers to execute arbitrary code via an IPv6 address that is obtained using DNS.

Remediation

Install update from vendor's website.

External links

http://www.debian.org/security/2004/dsa-458
http://www.securityfocus.com/bid/9836
http://www.gentoo.org/security/en/glsa/glsa-200409-03.xml
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:019
http://www.osvdb.org/4172
https://exchange.xforce.ibmcloud.com/vulnerabilities/15409

Buffer overflow in Python - CVE-2004-0150

Description

Remediation

External links

Please verify you're human