Test ID:	1.3.6.1.4.1.25623.1.0.63286
Category:	Fedora Local Security Checks
Title:	Fedora Core 10 FEDORA-2009-0943 (dia)
Summary:	The remote host is missing an update to dia;announced via advisory FEDORA-2009-0943.;Note: This VT has been deprecated and is therefore no longer functional.
Description:	Summary: The remote host is missing an update to dia announced via advisory FEDORA-2009-0943. Note: This VT has been deprecated and is therefore no longer functional. Vulnerability Insight: Update Information: Filter out untrusted python modules search path to remove the possibility to run arbitrary code on the user's system if there is a python file in dia's working directory named the same as one that dia's python scripts try to import. ChangeLog: * Mon Jan 26 2009 Caolán McNamara 1:0.96.1-9 - Resolves: rhbz#481551 python modules search path * Fri Oct 31 2008 Caolán McNamara 1:0.96.1-8 - kill the .las Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update dia' at the command line. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5984 BugTraq ID: 33448 http://www.securityfocus.com/bid/33448 https://www.redhat.com/archives/fedora-package-announce/2009-January/msg01065.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:040 http://www.mandriva.com/security/advisories?name=MDVSA-2009:046 http://www.openwall.com/lists/oss-security/2009/01/26/2 http://secunia.com/advisories/33672 http://secunia.com/advisories/33703 XForce ISS Database: dia-pysyssetargv-privilege-escalation(48262) https://exchange.xforce.ibmcloud.com/vulnerabilities/48262
Copyright	Copyright (C) 2009 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.