|
|
Family: Red Hat Local Security Checks --> Category: infos
RHSA-2003-048: python Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the python packages
Detailed Explanation for this Vulnerability Test
An insecure use of a temporary file has been found in Python.
Python is an interpreted, interactive, object-oriented programming
language.
Zack Weinberg discovered that os._execvpe from os.py in Python 2.2.1 and
earlier creates temporary files with predictable names. This could allow
local users to execute arbitrary code via a symlink attack
All users should upgrade to these errata packages which include a patch to
python 1.5.2 to correct this issue.
Solution : http://rhn.redhat.com/errata/RHSA-2003-048.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
