{"id":11361,"date":"2018-02-04T22:07:47","date_gmt":"2018-02-05T06:07:47","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/02\/04\/news-5132\/"},"modified":"2018-02-04T22:07:47","modified_gmt":"2018-02-05T06:07:47","slug":"news-5132","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/02\/04\/news-5132\/","title":{"rendered":"SSD Advisory \u2013 Python Bytecode Disassembler and Decompiler (pycdc) Multiple Vulnerabilities"},"content":{"rendered":"<p><strong>Credit to Author: SSD \/ Maor Schwartz| Date: Sun, 04 Feb 2018 12:03:20 +0000<\/strong><\/p>\n<div class=\"entry-content\">\n<p><strong>Want to get paid for a vulnerability similar to this one?<\/strong><br \/>Contact us at: <a href=\"mailto:sxsxd@bxexyxoxnxdxsxexcxuxrxixtxy.com\" onmouseover=\"this.href=this.href.replace(\/x\/g,'');\" id=\"a-href-3658\">sxsxdx@xbxexyxoxnxdxsxexcxuxrxixtxy.xcom<\/a><br \/><script>var obj = jQuery('#a-href-3658');if(obj[0]) { obj[0].innerText = obj[0].innerText.replace(\/x\/g, ''); }<\/script> See our full scope at: <a href=\"https:\/\/blogs.securiteam.com\/index.php\/product_scope\">https:\/\/blogs.securiteam.com\/index.php\/product_scope<\/a><\/p>\n<div class=\"pf-content\">\n<p><strong>Vulnerabilities summary<\/strong><br \/> The following advisory describes 12 (twelve) vulnerabilities found in Python Bytecode Disassembler and Decompiler (pycdc).<\/p>\n<p>Python Bytecode Disassembler and Decompiler (pycdc) &#8220;aims to translate compiled Python byte-code back into valid and human-readable Python source code. While other projects have achieved this with varied success, Decompyle++ is unique in that it seeks to support byte-code from any version of Python.&#8221;<\/p>\n<p>The vulnerabilities found are:<\/p>\n<ul>\n<li>Heap buffer overflow (2)<\/li>\n<li>Null pointer (8)<\/li>\n<li>Global buffer overflow<\/li>\n<li>Singed integer overflow<\/li>\n<\/ul>\n<p><strong>Credit<\/strong><br \/> An independent security researcher from Geeknik Labs has reported this vulnerability to Beyond Security\u2019s SecuriTeam Secure Disclosure program.<\/p>\n<p><strong>Vendor response<\/strong><br \/> Michael Hansen was informed of the vulnerability and release a patches to address them.<br \/> For more details: https:\/\/github.com\/zrax\/pycdc\/commit\/bf60a5831bd3d3c8aa0544c5aefab3310de5d615<\/p>\n<p><strong>PoC<\/strong><br \/> At this time we will not disclose PoC &#8211; we may release these later when users of the python code have updated their systems.<\/p>\n<div class=\"printfriendly pf-alignleft\"><a href=\"#\" rel=\"nofollow\" onclick=\"window.print(); return false;\" class=\"noslimstat\" title=\"Printer Friendly, PDF &#038; Email\"><img decoding=\"async\" style=\"border:none;-webkit-box-shadow:none; box-shadow:none;\" src=\"https:\/\/cdn.printfriendly.com\/buttons\/printfriendly-button.png\" alt=\"Print Friendly, PDF &#038; Email\" \/><\/a><\/div>\n<\/div><\/div>\n<p><a href=\"https:\/\/blogs.securiteam.com\/index.php\/archives\/3658\" target=\"bwo\" >https:\/\/blogs.securiteam.com\/index.php\/feed<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/cdn.printfriendly.com\/buttons\/printfriendly-button.png\"\/><\/p>\n<p><strong>Credit to Author: SSD \/ Maor Schwartz| Date: Sun, 04 Feb 2018 12:03:20 +0000<\/strong><\/p>\n<p>Vulnerabilities summary The following advisory describes 12 (twelve) vulnerabilities found in Python Bytecode Disassembler and Decompiler (pycdc). Python Bytecode Disassembler and Decompiler (pycdc) &#8220;aims to translate compiled Python byte-code back into valid and human-readable Python source code. While other projects have achieved this with varied success, Decompyle++ is unique in that it seeks to support &#8230; <a href=\"https:\/\/blogs.securiteam.com\/index.php\/archives\/3658\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">SSD Advisory \u2013 Python Bytecode Disassembler and Decompiler (pycdc) Multiple Vulnerabilities<\/span><\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10643,10754],"tags":[12033,12357,10757],"class_list":["post-11361","post","type-post","status-publish","format-standard","hentry","category-independent","category-securiteam","tag-buffer-overflow","tag-heap-overflow","tag-securiteam-secure-disclosure"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11361","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=11361"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/11361\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=11361"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=11361"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=11361"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}