Test Kennung:	1.3.6.1.4.1.25623.1.0.63564
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: epiphany
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: epiphany CVE-2008-5985 Untrusted search path vulnerability in the Python interface in Epiphany 2.22.3, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983). CVE-2008-5983 Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which might allow local users to execute arbitrary code via a Trojan horse Python file in the current working directory. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5985 BugTraq ID: 33441 http://www.securityfocus.com/bid/33441 http://www.gentoo.org/security/en/glsa/glsa-200903-16.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:048 http://www.openwall.com/lists/oss-security/2009/01/26/2 http://secunia.com/advisories/34187 Common Vulnerability Exposure (CVE) ID: CVE-2008-5983 http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042751.html http://security.gentoo.org/glsa/glsa-200903-41.xml http://security.gentoo.org/glsa/glsa-200904-06.xml https://bugzilla.redhat.com/show_bug.cgi?id=482814 http://www.nabble.com/Bug-484305%3A-bicyclerepair%3A-bike.vim-imports-untrusted-python-files-from-cwd-td18848099.html http://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg586010.html http://www.openwall.com/lists/oss-security/2009/01/28/5 http://www.openwall.com/lists/oss-security/2009/01/30/2 http://www.redhat.com/support/errata/RHSA-2011-0027.html http://secunia.com/advisories/34522 http://secunia.com/advisories/40194 http://secunia.com/advisories/42888 http://secunia.com/advisories/50858 http://secunia.com/advisories/51024 http://secunia.com/advisories/51040 http://secunia.com/advisories/51087 http://www.ubuntu.com/usn/USN-1596-1 http://www.ubuntu.com/usn/USN-1613-1 http://www.ubuntu.com/usn/USN-1613-2 http://www.ubuntu.com/usn/USN-1616-1 http://www.vupen.com/english/advisories/2010/1448 http://www.vupen.com/english/advisories/2011/0122
Copyright	Copyright (C) 2009 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.