GLSA Advocate
Joined: 12 May 2004 Posts: 2663
Posted: Tue Sep 21, 2010 11:26 pm Post subject: [ GLSA 201009-08 ] python-updater: Untrusted search path
Gentoo Linux Security Advisory
Title: python-updater: Untrusted search path (GLSA 201009-08)
Severity: high
Exploitable: local
Date: September 21, 2010
Bug(s): #288361
ID: 201009-08
Synopsis
An untrusted search path vulnerability in python-updater might result in
the execution of arbitrary code.
Background
python-updater is a script used to remerge Python packages when
changing the Python version.
Affected Packages
Package: app-admin/python-updater
Vulnerable: < 0.7-r1
Unaffected: >= 0.7-r1
Architectures: All supported architectures
Description
Robert Buchholz of the Gentoo Security Team reported that
python-updater includes the current working directory and
subdirectories in the Python module search path (sys.path) before
calling "import".
Impact
A local attacker could entice the root user to run "python-updater"
from a directory containing a specially crafted Python module,
resulting in the execution of arbitrary code with root privileges.
Workaround
Do not run "python-updater" from untrusted working directories.
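How the search-path pattern described above differs from a sanitized one, as an added Python example that is not python-updater's own code: sanitize_sys_path and import_with_path are hypothetical helpers, and the module name and scratch directory are constructed for the demo. It only locates the module with find_spec rather than importing it, so nothing in the scratch directory is executed.

```python
import importlib.util
import os
import sys
import tempfile


def sanitize_sys_path(path):
    """Return a copy of `path` without cwd-relative entries.

    '' and '.' mean "the current working directory" to the import system,
    and any other relative entry is resolved against it as well.  Keeping
    only absolute entries removes the untrusted-search-path condition.
    """
    return [p for p in path if p and os.path.isabs(p)]


def import_with_path(modname, path):
    """Report whether `modname` would be found when `path` is the search path.

    find_spec locates the module without executing it; sys.path is restored
    afterwards so the caller's environment is unchanged.
    """
    saved = sys.path[:]
    sys.path[:] = path
    try:
        return importlib.util.find_spec(modname) is not None
    finally:
        sys.path[:] = saved


def demo():
    """Constructed scenario: a module file sitting in the working directory.

    Returns (found_with_cwd_on_path, found_with_sanitized_path).
    """
    modname = "shadowme_example_module"  # constructed name, not a real package
    with tempfile.TemporaryDirectory() as scratch:
        with open(os.path.join(scratch, modname + ".py"), "w") as f:
            f.write("# constructed sample module; never imported by this demo\n")
        old_cwd = os.getcwd()
        os.chdir(scratch)
        try:
            unsafe = [""] + sys.path          # cwd prepended, as in the advisory
            safe = sanitize_sys_path(unsafe)  # cwd-relative entries dropped
            return (import_with_path(modname, unsafe),
                    import_with_path(modname, safe))
        finally:
            os.chdir(old_cwd)


if __name__ == "__main__":
    print(demo())  # (True, False)
```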
Resolution
All python-updater users should upgrade to the latest version:
Code:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/python-updater-0.7-r1"