116 matches found
CVE-2012-0860
Multiple untrusted search path vulnerabilities in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when adding a host, allow local users to gain privileges via a Trojan horse (1) deployUtil.py or (2) vdsbootstrap.py Python module in /tmp/...
Fedora 10 : cobbler-1.2.9-1.fc10 (2008-10069)
Fixes a security vulnerability where a CobblerWeb user (if so configured) can import a Python module via a web-edited Cheetah template and run commands as root. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
[SECURITY] Fedora 17 Update: python-feedparser-5.1.2-2.fc17
Universal Feed Parser is a Python module for downloading and parsing syndicated feeds. It can handle RSS 0.90, Netscape RSS 0.91, Userland RSS 0.91, RSS 0.92, RSS 0.93, RSS 0.94, RSS 1.0, RSS 2.0, Atom 0.3, Atom 1.0, and CDF feeds. It also parses several popular extension modules, including Dubli...
Fedora 15 : clearsilver-0.10.5-15.fc15 (2011-17040)
This update fixes: Bug 757543 - clearsilver neocgi: Format string flaw by processing CGI error messages in Python module fedora-all. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automaticall...
CentOS Update for dstat CESA-2009:1619 centos5 i386
Check for the Version of dstat. OpenVAS Vulnerability Test: CentOS Update for dstat CESA-2009:1619 centos5 i386. Authors: System Generated Check. Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under...
[SECURITY] Fedora 14 Update: python-feedparser-5.0.1-1.fc14
Universal Feed Parser is a Python module for downloading and parsing syndicated feeds. It can handle RSS 0.90, Netscape RSS 0.91, Userland RSS 0.91, RSS 0.92, RSS 0.93, RSS 0.94, RSS 1.0, RSS 2.0, Atom 0.3, Atom 1.0, and CDF feeds. It also parses several popular extension modules, including Dubli...
[SECURITY] Fedora 15 Update: python-feedparser-5.0.1-1.fc15
Universal Feed Parser is a Python module for downloading and parsing syndicated feeds. It can handle RSS 0.90, Netscape RSS 0.91, Userland RSS 0.91, RSS 0.92, RSS 0.93, RSS 0.94, RSS 1.0, RSS 2.0, Atom 0.3, Atom 1.0, and CDF feeds. It also parses several popular extension modules, including Dubli...
CVE-2010-2089
The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to...
Mandriva Security Advisory MDVSA-2009:341 (dstat)
The remote host is missing an update to dstat announced via advisory MDVSA-2009:341. OpenVAS Vulnerability Test $Id: mdksa2009341.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:341 (dstat). Authors: Thomas Reinke. Copyright: Copyright (c) 2009 E-Soft Inc...
TLS Renegotiation Vulnerability: Proof of Concept Code (Python)
Information about a vulnerability in the TLS protocol was published in the beginning of November 2009. Attackers can take advantage of that vulnerability to inject arbitrary prefixes into a network connection protected by TLS. This can result in severe vulnerabilities, depending on the applicatio...
dstat security update
CentOS Errata and Security Advisory CESA-2009:1619 An updated dstat package that fixes one security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Dstat is a versatile replacement for the...
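Dstat sys.path Search Path Local Privilege Escalation Vulnerability
BUGTRAQ ID: 37131 CVE(CAN) ID: CVE-2009-3894, CVE-2009-4081 Dstat is a versatile replacement for the vmstat, iostat and netstat tools, and can be used for performance tuning tests, benchmarks and troubleshooting. dstat includes the current working directory and the profile subdirectory in sys.path. If a local user runs dstat in a directory writable by an attacker (such as /tmp) and the attacker has placed certain Python modules (such as getopt.py) in that directory, arbitrary code can be executed with the privileges of the user running dstat. Dag Wiers dstat 0.6.9 Vendor patch: RedHat ------...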
RedHat Security Advisory RHSA-2009:1619
The remote host is missing updates announced in advisory RHSA-2009:1619. Dstat is a versatile replacement for the vmstat, iostat, and netstat tools. Dstat can be used for performance tuning tests, benchmarks, and troubleshooting. Robert Buchholz of the Gentoo Security Team reported a flaw in the...
RHEL 5 : dstat (RHSA-2009:1619)
An updated dstat package that fixes one security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Dstat is a versatile replacement for the vmstat, iostat, and netstat tools. Dstat can be use...
Moderate: Red Hat Security Advisory: dstat security update
An updated dstat package that fixes one security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Dstat is a versatile replacement for the vmstat, iostat, and netstat tools. Dstat can be use...
CVE-2009-4081
Untrusted search path vulnerability in dstat before r3199 allows local users to gain privileges via a Trojan horse Python module in the current working directory, a different vulnerability than CVE-2009-3894...
Design/Logic Flaw
Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in (1) the current working directory or (2) a certain subdirectory of the current working directory...
Design/Logic Flaw
Untrusted search path vulnerability in dstat before r3199 allows local users to gain privileges via a Trojan horse Python module in the current working directory, a different vulnerability than CVE-2009-3894...
CVE-2009-4081
Untrusted search path vulnerability in dstat before r3199 allows local users to gain privileges via a Trojan horse Python module in the current working directory, a different vulnerability than CVE-2009-3894...
CVE-2009-3894
Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in (1) the current working directory or (2) a certain subdirectory of the current working directory...