CLSA-2026-1778933429 Fix CVE(s): CVE-2024-11003, CVE-2024-48990, CVE-2024-48991, CVE-2024-48992

SECURITY UPDATE: drop usage of Module::ScanDeps to prevent LPE - debian/patches/CVE-2024-11003.patch: drop usage of Module::ScanDeps to prevent LPE - CVE-2024-11003 SECURITY UPDATE: do not set PYTHONPATH environment variable to prevent a LPE - debian/patches/CVE-2024-48990.patch: do not set...

Exploit for Uncontrolled Search Path Element in Needrestart_Project Needrestart

CVE-2024-48990 — needrestart Local Privilege Escalation Local...

CVE-2005-1632

Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/...

EUVD-2012-5542

Malware in sbrugna...

EUVD-2022-5454

Malicious code in bioql PyPI...

Exploit for Uncontrolled Search Path Element in Needrestart_Project Needrestart

CVE-2024-48990 introdution This vulnerability takes advant...

Exploit for Uncontrolled Search Path Element in Needrestart_Project Needrestart

CVE-2024-48990 Exploit My full writeup for how I came to re-...

CVE-2024-48990

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable...

CVE-2024-48990

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable...

CVE-2024-48990

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable...

CVE-2024-48990

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable...

UBUNTU-CVE-2024-48990

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable...

PT-2024-8544

Name of the Vulnerable Software and Affected Versions needrestart versions prior to 3.8 Module::ScanDeps versions prior to 3.8 Description The needrestart utility, versions prior to 3.8, contains a flaw due to improper handling of the PYTHONPATH environment variable. This allows local attackers t...

Python Exec, Command Shell, Reverse TCP (via python)

Execute a Python payload from a command. Creates an interactive shell via Python, encodes with base64 by design. Compatible with Python 2.4-2.7 and 3.4+. Module Options msf use payload/cmd/windows/python/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf...

Python Exec, Python Meterpreter Shell, Bind TCP Inline

Execute a Python payload from a command. Connect to the victim and spawn a Meterpreter shell Module Options msf use payload/cmd/windows/python/meterpreterbindtcp msf payloadmeterpreterbindtcp show actions ...actions... msf payloadmeterpreterbindtcp set ACTION msf payloadmeterpreterbindtcp show...

Python Exec, Python Meterpreter Shell, Reverse HTTP Inline

Execute a Python payload from a command. Connect back to the attacker and spawn a Meterpreter shell Module Options msf use payload/cmd/windows/python/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf...

Cheetah Path Search Order Hijacking

Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/...

CVE-2005-1632

CVE-2005-1632 affects Cheetah 0.9.15 and 0.9.16. The root cause is that the runtime searches /tmp for modules before honoring PYTHONPATH, enabling a local attacker to execute arbitrary code via a malicious module placed in /tmp/. The linked Red Hat and Debian trackers echo this same issue. No exp...