CVE-2008-0302

Related Files

Ubuntu Security Notice 572-1

Posted Jan 19, 2008

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 572-1 - Felipe Sateler discovered that apt-listchanges did not use safe paths when importing additional Python libraries. A local attacker could exploit this and execute arbitrary commands as the user running apt-listchanges.

tags | advisory, arbitrary, local, python

systems | linux, ubuntu

advisories | CVE-2008-0302

SHA-256 | 849cdd5c1ef192c79a573a100a21f3414b7ce8e6391a7ff7d770371d6d163eb2

Download | Favorite | View

Debian Linux Security Advisory 1465-2

Posted Jan 18, 2008

Authored by Debian | Site debian.org

Debian Security Advisory 1465-2 - Felipe Sateler discovered that apt-listchanges, a package change history notification tool, used unsafe paths when importing its python libraries. This could allow the execution of arbitrary shell commands if the root user executed the command in a directory which other local users may write to. This security update fixes a regression in the previous one, which caused the package to fail to work.

tags | advisory, arbitrary, shell, local, root, python

systems | linux, debian

advisories | CVE-2008-0302

SHA-256 | 1f539f05b7b83a4ea630b9337ef4aeff1d755f4eea49e03a7839c5196ee7bc51

Download | Favorite | View

Debian Linux Security Advisory 1465-1

Posted Jan 18, 2008

Authored by Debian | Site debian.org

Debian Security Advisory 1465-1 - Felipe Sateler discovered that apt-listchanges, a package change history notification tool, used unsafe paths when importing its python libraries. This could allow the execution of arbitrary shell commands if the root user executed the command in a directory which other local users may write to.

tags | advisory, arbitrary, shell, local, root, python

systems | linux, debian

advisories | CVE-2008-0302

SHA-256 | 7b1d9ccc36f604c9dcd6edd3d81ef938f40c3ece916837e63d8aa18f4bac6476

Download | Favorite | View