lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: security at caldera.com (security@...dera.com)
Subject: Security Update: [CSSA-2002-045.0] Linux: python insecure temporary files in os._execvpe

To: bugtraq@...urityfocus.com announce@...ts.caldera.com security-alerts@...uxsecurity.com full-disclosure@...ts.netsys.com

______________________________________________________________________________

			SCO Security Advisory

Subject:		Linux: python insecure temporary files in os._execvpe 
Advisory number: 	CSSA-2002-045.0
Issue date: 		2002 November 14
Cross reference:
______________________________________________________________________________


1. Problem Description

	os._execvpe from os.py in Python creates temporary files with
	predictable names, which could allow local users to execute
	arbitrary code via a symlink attack.


2. Vulnerable Supported Versions

	System				Package
	----------------------------------------------------------------------

	OpenLinux 3.1.1 Server		prior to python-1.5.2-23.i386.rpm
					prior to python-devel-1.5.2-23.i386.rpm
					prior to python-docs-1.5.2-23.i386.rpm
					prior to python-tools-1.5.2-23.i386.rpm

	OpenLinux 3.1.1 Workstation	prior to python-1.5.2-23.i386.rpm
					prior to python-devel-1.5.2-23.i386.rpm
					prior to python-docs-1.5.2-23.i386.rpm
					prior to python-tools-1.5.2-23.i386.rpm

	OpenLinux 3.1 Server		prior to python-1.5.2-23.i386.rpm
					prior to python-devel-1.5.2-23.i386.rpm
					prior to python-docs-1.5.2-23.i386.rpm
					prior to python-tools-1.5.2-23.i386.rpm

	OpenLinux 3.1 Workstation	prior to python-1.5.2-23.i386.rpm
					prior to python-devel-1.5.2-23.i386.rpm
					prior to python-docs-1.5.2-23.i386.rpm
					prior to python-tools-1.5.2-23.i386.rpm


3. Solution

	The proper solution is to install the latest packages. Many
	customers find it easier to use the Caldera System Updater, called
	cupdate (or kcupdate under the KDE environment), to update these
	packages rather than downloading and installing them by hand.


4. OpenLinux 3.1.1 Server

	4.1 Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-045.0/RPMS

	4.2 Packages

	d02a87d515a2e0295b61a70e21d85d67	python-1.5.2-23.i386.rpm
	f026986740ce3b24aa75a6ef6d6f813d	python-devel-1.5.2-23.i386.rpm
	a4d8a3a8a6011f4d87d1a3c3e75150d1	python-docs-1.5.2-23.i386.rpm
	6283c3abfb5a339d6f3c8e1b2b0304fc	python-tools-1.5.2-23.i386.rpm

	4.3 Installation

	rpm -Fvh python-1.5.2-23.i386.rpm
	rpm -Fvh python-devel-1.5.2-23.i386.rpm
	rpm -Fvh python-docs-1.5.2-23.i386.rpm
	rpm -Fvh python-tools-1.5.2-23.i386.rpm

	4.4 Source Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2002-045.0/SRPMS

	4.5 Source Packages

	3041180ed79446f6a8cd8cfedff00c26	python-1.5.2-23.src.rpm


5. OpenLinux 3.1.1 Workstation

	5.1 Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-045.0/RPMS

	5.2 Packages

	6d2e343894471d4a93526a50e58af0a0	python-1.5.2-23.i386.rpm
	b6deb353e9a98e9b0e340e8b477a824a	python-devel-1.5.2-23.i386.rpm
	7add35e7aef1386039852737a86ddbee	python-docs-1.5.2-23.i386.rpm
	6171e897385c76edf00c0e02f08347cf	python-tools-1.5.2-23.i386.rpm

	5.3 Installation

	rpm -Fvh python-1.5.2-23.i386.rpm
	rpm -Fvh python-devel-1.5.2-23.i386.rpm
	rpm -Fvh python-docs-1.5.2-23.i386.rpm
	rpm -Fvh python-tools-1.5.2-23.i386.rpm

	5.4 Source Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2002-045.0/SRPMS

	5.5 Source Packages

	0ab0a2c193ec4031d706648ab2b3b9d1	python-1.5.2-23.src.rpm


6. OpenLinux 3.1 Server

	6.1 Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-045.0/RPMS

	6.2 Packages

	d294fd2d394f464e21866a08e0023b08	python-1.5.2-23.i386.rpm
	4c17a3b0bc297dd2efe5cd1857894ac7	python-devel-1.5.2-23.i386.rpm
	ed4acb8309c022ed86ca6f70d6a76977	python-docs-1.5.2-23.i386.rpm
	3fc021186ac2ff05af448c945481a6d5	python-tools-1.5.2-23.i386.rpm

	6.3 Installation

	rpm -Fvh python-1.5.2-23.i386.rpm
	rpm -Fvh python-devel-1.5.2-23.i386.rpm
	rpm -Fvh python-docs-1.5.2-23.i386.rpm
	rpm -Fvh python-tools-1.5.2-23.i386.rpm

	6.4 Source Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2002-045.0/SRPMS

	6.5 Source Packages

	fd76ce8a916c54b2bb39c59dfab108ab	python-1.5.2-23.src.rpm


7. OpenLinux 3.1 Workstation

	7.1 Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-045.0/RPMS

	7.2 Packages

	63778bc0ecd4b9d0bea8d13f0c8f6675	python-1.5.2-23.i386.rpm
	e0321c8e207b61596f0a229c5a39d637	python-devel-1.5.2-23.i386.rpm
	c990c27494f5be2197d04a9547e7fa6b	python-docs-1.5.2-23.i386.rpm
	8af51bc909042691f3578fcc5c3e2ca2	python-tools-1.5.2-23.i386.rpm

	7.3 Installation

	rpm -Fvh python-1.5.2-23.i386.rpm
	rpm -Fvh python-devel-1.5.2-23.i386.rpm
	rpm -Fvh python-docs-1.5.2-23.i386.rpm
	rpm -Fvh python-tools-1.5.2-23.i386.rpm

	7.4 Source Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2002-045.0/SRPMS

	7.5 Source Packages

	9dcbab4cbf814be8291b5a68241176f2	python-1.5.2-23.src.rpm


8. References

	Specific references for this advisory:
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1119

	SCO security resources:
		http://www.sco.com/support/security/index.html

	This security fix closes SCO incidents sr868648, fz525980,
	erg712115.


9. Disclaimer

	SCO is not responsible for the misuse of any of the information
	we provide on this website and/or through our security
	advisories. Our advisories are a service to our customers intended
	to promote secure installation and use of SCO products.

______________________________________________________________________________
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 237 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20021114/b0f191a0/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ