 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.51196 |
| Kategorie: | Red Hat Local Security Checks |
| Titel: | RedHat Security Advisory RHSA-2003:048 |
| Zusammenfassung: | NOSUMMARY |
| Beschreibung: | Description: The remote host is missing updates announced in advisory RHSA-2003:048. An insecure use of a temporary file has been found in Python. Python is an interpreted, interactive, object-oriented programming language. Zack Weinberg discovered that os._execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predictable names. This could allow local users to execute arbitrary code via a symlink attack All users should upgrade to these errata packages which include a patch to python 1.5.2 to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2003-048.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=156556 Risk factor : Medium CVSS Score: 4.6 |
| Querverweis: |
BugTraq ID: 5581 Common Vulnerability Exposure (CVE) ID: CVE-2002-1119 http://www.securityfocus.com/bid/5581 Bugtraq: 20030123 [OpenPKG-SA-2003.006] OpenPKG Security Advisory (python) (Google Search) http://marc.info/?l=bugtraq&m=104333092200589&w=2 Caldera Security Advisory: CSSA-2002-045.0 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-045.0.txt Conectiva Linux advisory: CLA-2002:527 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000527 Debian Security Information: DSA-159 (Google Search) http://www.debian.org/security/2002/dsa-159 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-082.php http://mail.python.org/pipermail/python-dev/2002-August/027229.html http://www.redhat.com/support/errata/RHSA-2002-202.html http://www.redhat.com/support/errata/RHSA-2003-048.html http://www.iss.net/security_center/static/10009.php |
| Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |