11 matches found
Mageia: Security Advisory (MGASA-2014-0216)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Python 3.2.x < 3.2.6, 3.3.x < 3.3.6, 3.4.x < 3.4.1 os.makedirs() not thread-safe (bpo-21082) - Linux
Python is prone to a local security bypass vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...
GLSA-201503-10 : Python: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201503-10 Python: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Python. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker may be able to execute...
Fedora 19 : python3-3.3.2-11.fc19 (2014-16479)
Fixes CVEs 2013-7338 and 2014-2667. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...
Fedora 20 : python3-3.3.2-19.fc20 (2014-16393)
Fixes CVEs 2013-7338 and 2014-2667. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...
Fedora Update for python3 FEDORA-2014-16393
Check the version of python3 SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868568";...
CVE-2014-2667
CVE-2014-2667: Race condition in Python’s Lib/os.py _get_masked_mode when exist_ok is true across Python 3.2–3.5. The issue allows local users to bypass intended file permissions by exploiting a separate application vulnerability before the process umask is set. Connected OpenVAS entries corrobor...
CVE-2014-2667
Race condition in the getmaskedmode function in Lib/os.py in Python 3.2 through 3.5, when existok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerability before the umask has been set to the...
openSUSE Security Update : python3 (openSUSE-SU-2014:0597-1)
This python update fixes the following security and non-security issues : - bnc869222: Fixed DoS when opening malicious archives CVE-2013-7338. - bnc863741: Fixed buffer overflow in socket.recvfrominto CVE-2014-1912. - bnc871152: Fixed race condition with umask when creating directories with...
MGASA-2014-0216 Updated python3 packages fix security vulnerability
It was reported that a patch added to Python 3.2 caused a race condition where a file created could be created with world read/write permissions instead of the permissions dictated by the original umask of the process. This could allow a local attacker that could win the race to view and edit fil...
Updated python3 packages fix security vulnerability
It was reported that a patch added to Python 3.2 caused a race condition where a file created could be created with world read/write permissions instead of the permissions dictated by the original umask of the process. This could allow a local attacker that could win the race to view and edit fil...