Computer Security
[EN] securityvulns.ru no-pyccku


Enomaly ECP / Enomalism symbolic links vulnerability
updated since 01.02.2009
Published:17.02.2009
Source:
SecurityVulns ID:9638
Type:local
Threat Level:
5/10
Description:Insecure temporary files creation.
Affected:ENOMALY : Enomaly ECP 2.1
CVE:CVE-2009-0390 (Argument injection vulnerability in Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program.)
 CVE-2008-4990 (Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file.)
Original documentdocumentSam Johnston, Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh (redux) (17.02.2009)
 documentSam Johnston, CVE-2008-4990 Enomaly ECP/Enomalism: Insecure temporary file creation vulnerabilities (01.02.2009)

FreeBSD telnetd privilege escalation
updated since 16.02.2009
Published:17.02.2009
Source:
SecurityVulns ID:9680
Type:remote
Threat Level:
9/10
Description:LD_xxx environment variable are not cleared on 'login' execution, makeing it's possible to execute code witi root privileges. For remote exploitation it's required to have ability to upload the file to remote system (via FTP, Web, etc).
Affected:FREEBSD : FreeBSD 7.0
 FREEBSD : FreeBSD 7.1
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-09:05.telnetd (17.02.2009)
 documentKingcope Kingcope, [Full-disclosure] FreeBSD zeroday (16.02.2009)

blender / gedit / gnumeric / vim / eog python scripts code execution
updated since 17.02.2009
Published:07.04.2009
Source:
SecurityVulns ID:9683
Type:local
Threat Level:
4/10
Description:sys.path variable manipulation is possible to load arbitrary modules.
Affected:GNUMERIC : gnumeric 1.8
 BLENDER : Blender 2.46
 GEDIT : gedit 2.24
 EPIPHANY : epiphany 2.24
 EOG : Eye of GNOME 2.22
CVE:CVE-2009-0318 (Untrusted search path vulnerability in the GObject Python interpreter wrapper in Gnumeric allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).)
 CVE-2009-0316 (Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983), as demonstrated by an erroneous search path for plugin/bike.vim in bicyclerepair.)
 CVE-2009-0314 (Untrusted search path vulnerability in the Python module in gedit allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).)
 CVE-2008-5987 (Untrusted search path vulnerability in the Python interface in eog 2.22.3, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).)
 CVE-2008-5985 (Untrusted search path vulnerability in the Python interface in Epiphany 2.22.3, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).)
 CVE-2008-5983 (Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which might allow local users to execute arbitrary code via a Trojan horse Python file in the current working directory.)
 CVE-2008-4863 (Untrusted search path vulnerability in BPY_interface in Blender 2.46 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to an erroneous setting of sys.path by the PySys_SetArgv function.)
Original documentdocumentGENTOO, [ GLSA 200904-06 ] Eye of GNOME: Untrusted search path (07.04.2009)
 documentMANDRIVA, [ MDVSA-2009:063 ] eog (04.03.2009)
 documentMANDRIVA, [ MDVSA-2009:048 ] epiphany (25.02.2009)
 documentMANDRIVA, [ MDVSA-2009:048-1 ] epiphany (24.02.2009)
 documentMANDRIVA, [ MDVSA-2009:047 ] vim (21.02.2009)
 documentMANDRIVA, [ MDVSA-2009:043 ] gnumeric (20.02.2009)
 documentMANDRIVA, [ MDVSA-2009:038 ] blender (17.02.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod