Nessus Plugin #14996
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
[DSA159] DSA-159-1 python
- Family:
- Debian Local Security Checks
- Category:
- infos
- Copyright:
- This script is (C) 2004 Michel Arboi
- Summary:
- DSA-159-1 python
- Version:
- $Revision: 1.4 $
- Cve_id:
- CVE-2002-1119
- Bugtraq_id:
- 5581
- Xrefs:
- DSA:159
- Description:
Zack Weinberg discovered an insecure use of a temporary file in
os._execvpe from os.py. It uses a predictable name which could lead
execution of arbitrary code.
This problem has been fixed in several versions of Python: For the
current stable distribution (woody) it has been fixed in version
1.5.2-23.1 of Python 1.5, in version 2.1.3-3.1 of Python 2.1 and in
version 2.2.1-4.1 of Python 2.2. For the old stable distribution
(potato) this has been fixed in version 1.5.2-10potato12 for Python
1.5. For the unstable distribution (sid) this has been fixed in
version 1.5.2-24 of Python 1.5, in version 2.1.3-6a of Python 2.1 and
in version 2.2.1-8 of Python 2.2. Python 2.3 is not affected by this
problem.
We recommend that you upgrade your Python packages immediately.
Solution : http://www.debian.org/security/2002/dsa-159
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.