ID CVE-2008-5987 Type cve Reporter cve@mitre.org Modified 2009-04-16T05:35:00
Description
Untrusted search path vulnerability in the Python interface in Eye of GNOME (eog) 2.22.3, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
{"openvas": [{"lastseen": "2018-04-06T11:40:43", "bulletinFamily": "scanner", "description": "The remote host is missing an update to eog\nannounced via advisory MDVSA-2009:063.", "modified": "2018-04-06T00:00:00", "published": "2009-03-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063480", "id": "OPENVAS:136141256231063480", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:063 (eog)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_063.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:063 (eog)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Python has a variable called sys.path that contains all paths where\nPython loads modules by using import scripting procedure. A wrong\nhandling of that variable enables local attackers to execute arbitrary\ncode via Python scripting in the current eog working directory\n(CVE-2008-5987).\n\nThis update provides fix for that vulnerability.\n\nAffected: 2008.1, 2009.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:063\";\ntag_summary = \"The remote host is missing an update to eog\nannounced via advisory MDVSA-2009:063.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63480\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-07 21:47:03 +0100 (Sat, 07 Mar 2009)\");\n script_cve_id(\"CVE-2008-5987\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:063 (eog)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"eog\", rpm:\"eog~2.22.0~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"eog-devel\", rpm:\"eog-devel~2.22.0~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"eog\", rpm:\"eog~2.24.0~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"eog-devel\", rpm:\"eog-devel~2.24.0~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:57:15", "bulletinFamily": "scanner", "description": "The remote host is missing an update to eog\nannounced via advisory MDVSA-2009:063.", "modified": "2017-07-06T00:00:00", "published": "2009-03-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63480", "id": "OPENVAS:63480", "title": "Mandrake Security Advisory MDVSA-2009:063 (eog)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_063.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:063 (eog)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Python has a variable called sys.path that contains all paths where\nPython loads modules by using import scripting procedure. A wrong\nhandling of that variable enables local attackers to execute arbitrary\ncode via Python scripting in the current eog working directory\n(CVE-2008-5987).\n\nThis update provides fix for that vulnerability.\n\nAffected: 2008.1, 2009.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:063\";\ntag_summary = \"The remote host is missing an update to eog\nannounced via advisory MDVSA-2009:063.\";\n\n \n\nif(description)\n{\n script_id(63480);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-07 21:47:03 +0100 (Sat, 07 Mar 2009)\");\n script_cve_id(\"CVE-2008-5987\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:063 (eog)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"eog\", rpm:\"eog~2.22.0~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"eog-devel\", rpm:\"eog-devel~2.22.0~2.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"eog\", rpm:\"eog~2.24.0~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"eog-devel\", rpm:\"eog-devel~2.24.0~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:09", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200904-06.", "modified": "2018-04-06T00:00:00", "published": "2009-04-15T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063800", "id": "OPENVAS:136141256231063800", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200904-06 (eog)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"An untrusted search path vulnerability in the Eye of GNOME might result in\nthe execution of arbitrary code.\";\ntag_solution = \"All Eye of GNOME users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/eog-2.22.3-r3'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200904-06\nhttp://bugs.gentoo.org/show_bug.cgi?id=257002\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200904-06.\";\n\n \n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63800\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-15 22:11:00 +0200 (Wed, 15 Apr 2009)\");\n script_cve_id(\"CVE-2008-5983\", \"CVE-2008-5987\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200904-06 (eog)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"media-gfx/eog\", unaffected: make_list(\"ge 2.22.3-r3\"), vulnerable: make_list(\"lt 2.22.3-r3\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:44", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200904-06.", "modified": "2017-07-07T00:00:00", "published": "2009-04-15T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=63800", "id": "OPENVAS:63800", "title": "Gentoo Security Advisory GLSA 200904-06 (eog)", "type": "openvas", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"An untrusted search path vulnerability in the Eye of GNOME might result in\nthe execution of arbitrary code.\";\ntag_solution = \"All Eye of GNOME users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/eog-2.22.3-r3'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200904-06\nhttp://bugs.gentoo.org/show_bug.cgi?id=257002\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200904-06.\";\n\n \n \n\nif(description)\n{\n script_id(63800);\n script_version(\"$Revision: 6595 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:19:55 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-15 22:11:00 +0200 (Wed, 15 Apr 2009)\");\n script_cve_id(\"CVE-2008-5983\", \"CVE-2008-5987\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200904-06 (eog)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"media-gfx/eog\", unaffected: make_list(\"ge 2.22.3-r3\"), vulnerable: make_list(\"lt 2.22.3-r3\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:29", "bulletinFamily": "software", "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2009:063\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : eog\r\n Date : March 2, 2009\r\n Affected: 2008.1, 2009.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Python has a variable called sys.path that contains all paths where\r\n Python loads modules by using import scripting procedure. A wrong\r\n handling of that variable enables local attackers to execute arbitrary\r\n code via Python scripting in the current eog working directory\r\n (CVE-2008-5987).\r\n \r\n This update provides fix for that vulnerability.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5987\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Linux 2008.1:\r\n 3a5307da4e704d80ffae6cc0417cf1e8 2008.1/i586/eog-2.22.0-2.1mdv2008.1.i586.rpm\r\n d7e8fe6d4313f5f8dd74bdb3bafdd4e6 2008.1/i586/eog-devel-2.22.0-2.1mdv2008.1.i586.rpm \r\n e93aee8a13e874aad2729d8f0a9dae86 2008.1/SRPMS/eog-2.22.0-2.1mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2008.1/X86_64:\r\n d1e9d29e243845bb4def4538ed4b2024 2008.1/x86_64/eog-2.22.0-2.1mdv2008.1.x86_64.rpm\r\n 25a7459f468c84a16ee922776f0faa4f 2008.1/x86_64/eog-devel-2.22.0-2.1mdv2008.1.x86_64.rpm \r\n e93aee8a13e874aad2729d8f0a9dae86 2008.1/SRPMS/eog-2.22.0-2.1mdv2008.1.src.rpm\r\n\r\n Mandriva Linux 2009.0:\r\n f31223e6de4f8983881dfcf285dd9edd 2009.0/i586/eog-2.24.0-1.1mdv2009.0.i586.rpm\r\n 083c380961411066f65caf0fd386ba49 2009.0/i586/eog-devel-2.24.0-1.1mdv2009.0.i586.rpm \r\n fd4ecc84ee25b93328b6a3092f6a3a40 2009.0/SRPMS/eog-2.24.0-1.1mdv2009.0.src.rpm\r\n\r\n Mandriva Linux 2009.0/X86_64:\r\n f4ba54784ea91f0f74af8bc5c87d338c 2009.0/x86_64/eog-2.24.0-1.1mdv2009.0.x86_64.rpm\r\n 7a2ae7d440ac69276360b627c09114a4 2009.0/x86_64/eog-devel-2.24.0-1.1mdv2009.0.x86_64.rpm \r\n fd4ecc84ee25b93328b6a3092f6a3a40 2009.0/SRPMS/eog-2.24.0-1.1mdv2009.0.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD8DBQFJrEJVmqjQ0CJFipgRAqKTAJ923AHiUFAee/GCbeS/SCWOor8JGQCcCp+X\r\nhezcPNZZftljiR4q3xX3Aw8=\r\n=tzt3\r\n-----END PGP SIGNATURE-----", "modified": "2009-03-04T00:00:00", "published": "2009-03-04T00:00:00", "id": "SECURITYVULNS:DOC:21419", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21419", "title": "[ MDVSA-2009:063 ] eog", "type": "securityvulns", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:29", "bulletinFamily": "software", "description": "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nGentoo Linux Security Advisory GLSA 200904-06\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n http://security.gentoo.org/\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\n Severity: Normal\r\n Title: Eye of GNOME: Untrusted search path\r\n Date: April 06, 2009\r\n Bugs: #257002\r\n ID: 200904-06\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\nSynopsis\r\n========\r\n\r\nAn untrusted search path vulnerability in the Eye of GNOME might result\r\nin the execution of arbitrary code.\r\n\r\nBackground\r\n==========\r\n\r\nThe Eye of GNOME is the official image viewer for the GNOME Desktop\r\nenvironment.\r\n\r\nAffected packages\r\n=================\r\n\r\n -------------------------------------------------------------------\r\n Package / Vulnerable / Unaffected\r\n -------------------------------------------------------------------\r\n 1 media-gfx/eog < 2.22.3-r3 >= 2.22.3-r3\r\n\r\nDescription\r\n===========\r\n\r\nJames Vega reported an untrusted search path vulnerability in the\r\nGObject Python interpreter wrapper in the Eye of GNOME, a vulnerabiliy\r\nrelated to CVE-2008-5983.\r\n\r\nImpact\r\n======\r\n\r\nA local attacker could entice a user to run the Eye of GNOME from a\r\ndirectory containing a specially crafted python module, resulting in\r\nthe execution of arbitrary code with the privileges of the user running\r\nthe application.\r\n\r\nWorkaround\r\n==========\r\n\r\nDo not run "eog" from untrusted working directories.\r\n\r\nResolution\r\n==========\r\n\r\nAll Eye of GNOME users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=media-gfx/eog-2.22.3-r3"\r\n\r\nReferences\r\n==========\r\n\r\n [ 1 ] CVE-2008-5983\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5983\r\n [ 2 ] CVE-2008-5987\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5987\r\n\r\nAvailability\r\n============\r\n\r\nThis GLSA and any updates to it are available for viewing at\r\nthe Gentoo Security Website:\r\n\r\n http://security.gentoo.org/glsa/glsa-200904-06.xml\r\n\r\nConcerns?\r\n=========\r\n\r\nSecurity is a primary focus of Gentoo Linux and ensuring the\r\nconfidentiality and security of our users machines is of utmost\r\nimportance to us. Any security concerns should be addressed to\r\nsecurity@gentoo.org or alternatively, you may file a bug at\r\nhttp://bugs.gentoo.org.\r\n\r\nLicense\r\n=======\r\n\r\nCopyright 2009 Gentoo Foundation, Inc; referenced text\r\nbelongs to its owner(s).\r\n\r\nThe contents of this document are licensed under the\r\nCreative Commons - Attribution / Share Alike license.\r\n\r\nhttp://creativecommons.org/licenses/by-sa/2.5\r\n", "modified": "2009-04-07T00:00:00", "published": "2009-04-07T00:00:00", "id": "SECURITYVULNS:DOC:21590", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21590", "title": "[ GLSA 200904-06 ] Eye of GNOME: Untrusted search path", "type": "securityvulns", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:32", "bulletinFamily": "software", "description": "sys.path variable manipulation is possible to load arbitrary modules.", "modified": "2009-04-07T00:00:00", "published": "2009-04-07T00:00:00", "id": "SECURITYVULNS:VULN:9683", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9683", "title": "blender / gedit / gnumeric / vim / eog python scripts code execution", "type": "securityvulns", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-12-13T08:05:37", "bulletinFamily": "scanner", "description": "Python has a variable called sys.path that contains all paths where\nPython loads modules by using import scripting procedure. A wrong\nhandling of that variable enables local attackers to execute arbitrary\ncode via Python scripting in the current eog working directory\n(CVE-2008-5987).\n\nThis update provides fix for that vulnerability.", "modified": "2019-12-02T00:00:00", "id": "MANDRIVA_MDVSA-2009-063.NASL", "href": "https://www.tenable.com/plugins/nessus/37235", "published": "2009-04-23T00:00:00", "title": "Mandriva Linux Security Advisory : eog (MDVSA-2009:063)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:063. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(37235);\n script_version (\"1.11\");\n script_cvs_date(\"Date: 2019/08/02 13:32:51\");\n\n script_cve_id(\"CVE-2008-5987\");\n script_xref(name:\"MDVSA\", value:\"2009:063\");\n\n script_name(english:\"Mandriva Linux Security Advisory : eog (MDVSA-2009:063)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Python has a variable called sys.path that contains all paths where\nPython loads modules by using import scripting procedure. A wrong\nhandling of that variable enables local attackers to execute arbitrary\ncode via Python scripting in the current eog working directory\n(CVE-2008-5987).\n\nThis update provides fix for that vulnerability.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected eog and / or eog-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:eog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:eog-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.1\", reference:\"eog-2.22.0-2.1mdv2008.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.1\", reference:\"eog-devel-2.22.0-2.1mdv2008.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", reference:\"eog-2.24.0-1.1mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"eog-devel-2.24.0-1.1mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T07:33:24", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200904-06\n(Eye of GNOME: Untrusted search path)\n\n James Vega reported an untrusted search path vulnerability in the\n GObject Python interpreter wrapper in the Eye of GNOME, a vulnerabiliy\n related to CVE-2008-5983.\n \nImpact :\n\n A local attacker could entice a user to run the Eye of GNOME from a\n directory containing a specially crafted python module, resulting in\n the execution of arbitrary code with the privileges of the user running\n the application.\n \nWorkaround :\n\n Do not run ", "modified": "2019-12-02T00:00:00", "id": "GENTOO_GLSA-200904-06.NASL", "href": "https://www.tenable.com/plugins/nessus/36094", "published": "2009-04-07T00:00:00", "title": "GLSA-200904-06 : Eye of GNOME: Untrusted search path", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200904-06.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(36094);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/08/02 13:32:45\");\n\n script_cve_id(\"CVE-2008-5983\", \"CVE-2008-5987\");\n script_xref(name:\"GLSA\", value:\"200904-06\");\n\n script_name(english:\"GLSA-200904-06 : Eye of GNOME: Untrusted search path\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200904-06\n(Eye of GNOME: Untrusted search path)\n\n James Vega reported an untrusted search path vulnerability in the\n GObject Python interpreter wrapper in the Eye of GNOME, a vulnerabiliy\n related to CVE-2008-5983.\n \nImpact :\n\n A local attacker could entice a user to run the Eye of GNOME from a\n directory containing a specially crafted python module, resulting in\n the execution of arbitrary code with the privileges of the user running\n the application.\n \nWorkaround :\n\n Do not run 'eog' from untrusted working directories.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200904-06\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Eye of GNOME users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=media-gfx/eog-2.22.3-r3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:eog\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"media-gfx/eog\", unaffected:make_list(\"ge 2.22.3-r3\"), vulnerable:make_list(\"lt 2.22.3-r3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Eye of GNOME\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-13T08:53:08", "bulletinFamily": "scanner", "description": "Updated python packages that fix multiple security issues, several\nbugs, and add two enhancements are now available for Red Hat\nEnterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nIt was found that many applications embedding the Python interpreter\ndid not specify a valid full path to the script or application when\ncalling the PySys_SetArgv API function, which could result in the\naddition of the current working directory to the module search path\n(sys.path). A local attacker able to trick a victim into running such\nan application in an attacker-controlled directory could use this flaw\nto execute code with the victim", "modified": "2019-12-02T00:00:00", "id": "REDHAT-RHSA-2011-0027.NASL", "href": "https://www.tenable.com/plugins/nessus/51524", "published": "2011-01-14T00:00:00", "title": "RHEL 5 : python (RHSA-2011:0027)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0027. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51524);\n script_version (\"1.17\");\n script_cvs_date(\"Date: 2019/10/25 13:36:15\");\n\n script_cve_id(\"CVE-2008-5983\", \"CVE-2008-5984\", \"CVE-2008-5985\", \"CVE-2008-5986\", \"CVE-2008-5987\", \"CVE-2009-0314\", \"CVE-2009-0315\", \"CVE-2009-0316\", \"CVE-2009-0317\", \"CVE-2009-4134\", \"CVE-2010-1449\", \"CVE-2010-1450\", \"CVE-2010-1634\", \"CVE-2010-2089\");\n script_bugtraq_id(40361, 40363, 40365, 40370, 40862, 40863);\n script_xref(name:\"RHSA\", value:\"2011:0027\");\n\n script_name(english:\"RHEL 5 : python (RHSA-2011:0027)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated python packages that fix multiple security issues, several\nbugs, and add two enhancements are now available for Red Hat\nEnterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nPython is an interpreted, interactive, object-oriented programming\nlanguage.\n\nIt was found that many applications embedding the Python interpreter\ndid not specify a valid full path to the script or application when\ncalling the PySys_SetArgv API function, which could result in the\naddition of the current working directory to the module search path\n(sys.path). A local attacker able to trick a victim into running such\nan application in an attacker-controlled directory could use this flaw\nto execute code with the victim's privileges. This update adds the\nPySys_SetArgvEx API. Developers can modify their applications to use\nthis new API, which sets sys.argv without modifying sys.path.\n(CVE-2008-5983)\n\nMultiple flaws were found in the Python rgbimg module. If an\napplication written in Python was using the rgbimg module and loaded a\nspecially crafted SGI image file, it could cause the application to\ncrash or, possibly, execute arbitrary code with the privileges of the\nuser running the application. (CVE-2009-4134, CVE-2010-1449,\nCVE-2010-1450)\n\nMultiple flaws were found in the Python audioop module. Supplying\ncertain inputs could cause the audioop module to crash or, possibly,\nexecute arbitrary code. (CVE-2010-1634, CVE-2010-2089)\n\nThis update also fixes the following bugs :\n\n* When starting a child process from the subprocess module in Python\n2.4, the parent process could leak file descriptors if an error\noccurred. This update resolves the issue. (BZ#609017)\n\n* Prior to Python 2.7, programs that used 'ulimit -n' to enable\ncommunication with large numbers of subprocesses could still monitor\nonly 1024 file descriptors at a time, which caused an exception :\n\nValueError: filedescriptor out of range in select()\n\nThis was due to the subprocess module using the 'select' system call.\nThe module now uses the 'poll' system call, removing this limitation.\n(BZ#609020)\n\n* Prior to Python 2.5, the tarfile module failed to unpack tar files\nif the path was longer than 100 characters. This update backports the\ntarfile module from Python 2.5 and the issue no longer occurs.\n(BZ#263401)\n\n* The email module incorrectly implemented the logic for obtaining\nattachment file names: the get_filename() fallback for using the\ndeprecated 'name' parameter of the 'Content-Type' header erroneously\nused the 'Content-Disposition' header. This update backports a fix\nfrom Python 2.6, which resolves this issue. (BZ#644147)\n\n* Prior to version 2.5, Python's optimized memory allocator never\nreleased memory back to the system. The memory usage of a long-running\nPython process would resemble a 'high-water mark'. This update\nbackports a fix from Python 2.5a1, which frees unused arenas, and adds\na non-standard sys._debugmallocstats() function, which prints\ndiagnostic information to stderr. Finally, when running under\nValgrind, the optimized allocator is deactivated, to allow more\nconvenient debugging of Python memory usage issues. (BZ#569093)\n\n* The urllib and urllib2 modules ignored the no_proxy variable, which\ncould lead to programs such as 'yum' erroneously accessing a proxy\nserver for URLs covered by a 'no_proxy' exclusion. This update\nbackports fixes of urllib and urllib2, which respect the 'no_proxy'\nvariable, which fixes these issues. (BZ#549372)\n\nAs well, this update adds the following enhancements :\n\n* This update introduces a new python-libs package, subsuming the\nmajority of the content of the core python package. This makes both\n32-bit and 64-bit Python libraries available on PowerPC systems.\n(BZ#625372)\n\n* The python-libs.i386 package is now available for 64-bit Itanium\nwith the 32-bit Itanium compatibility mode. (BZ#644761)\n\nAll Python users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues and add these\nenhancements.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-5983\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-4134\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1449\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1450\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1634\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2089\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0027\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tkinter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0027\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"python-2.4.3-43.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"python-2.4.3-43.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"python-2.4.3-43.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"python-devel-2.4.3-43.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"python-libs-2.4.3-43.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"python-libs-2.4.3-43.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"python-libs-2.4.3-43.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"python-tools-2.4.3-43.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"python-tools-2.4.3-43.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"python-tools-2.4.3-43.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tkinter-2.4.3-43.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tkinter-2.4.3-43.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tkinter-2.4.3-43.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python / python-devel / python-libs / python-tools / tkinter\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:58", "bulletinFamily": "unix", "description": "### Background\n\nThe Eye of GNOME is the official image viewer for the GNOME Desktop environment. \n\n### Description\n\nJames Vega reported an untrusted search path vulnerability in the GObject Python interpreter wrapper in the Eye of GNOME, a vulnerabiliy related to CVE-2008-5983. \n\n### Impact\n\nA local attacker could entice a user to run the Eye of GNOME from a directory containing a specially crafted python module, resulting in the execution of arbitrary code with the privileges of the user running the application. \n\n### Workaround\n\nDo not run \"eog\" from untrusted working directories. \n\n### Resolution\n\nAll Eye of GNOME users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=media-gfx/eog-2.22.3-r3\"", "modified": "2009-04-06T00:00:00", "published": "2009-04-06T00:00:00", "id": "GLSA-200904-06", "href": "https://security.gentoo.org/glsa/200904-06", "type": "gentoo", "title": "Eye of GNOME: Untrusted search path", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}