5 matches found
Github Account of Gentoo Linux Hacked, Code Replaced With Malware
Downloaded anything from Gentoo's GitHub account yesterday? Consider those files compromised and dump them now—as an unknown group of hackers or an individual managed to gain access to the GitHub account of the Gentoo Linux distribution on Thursday and replaced the original source code with a...
CVE-2008-4394
Multiple untrusted search path vulnerabilities in Portage before 2.1.4.5 include the current working directory in the Python search path, which allows local users to execute arbitrary code via a modified Python module that is loaded by the 1 ys-apps/portage, 2 net-mail/fetchmail, 3 app-editors/le...
Design/Logic Flaw
Multiple untrusted search path vulnerabilities in Portage before 2.1.4.5 include the current working directory in the Python search path, which allows local users to execute arbitrary code via a modified Python module that is loaded by the 1 ys-apps/portage, 2 net-mail/fetchmail, 3 app-editors/le...
CVE-2008-4394
Multiple untrusted search path vulnerabilities in Portage before 2.1.4.5 include the current working directory in the Python search path, which allows local users to execute arbitrary code via a modified Python module that is loaded by the 1 ys-apps/portage, 2 net-mail/fetchmail, 3 app-editors/le...
CVE-2008-4394
CVE-2008-4394 affects Gentoo Portage prior to 2.1.4.5. The issue arises because Portage and certain ebuilds load Python modules with the current working directory in Python’s search path, enabling a local attacker to execute arbitrary code if emerge is invoked from an untrusted directory. The vul...