CLSA-2026-1778933429 Fix CVE(s): CVE-2024-11003, CVE-2024-48990, CVE-2024-48991, CVE-2024-48992

SECURITY UPDATE: drop usage of Module::ScanDeps to prevent LPE - debian/patches/CVE-2024-11003.patch: drop usage of Module::ScanDeps to prevent LPE - CVE-2024-11003 SECURITY UPDATE: do not set PYTHONPATH environment variable to prevent a LPE - debian/patches/CVE-2024-48990.patch: do not set...

Exploit for Uncontrolled Search Path Element in Needrestart_Project Needrestart

CVE-2024-48990 — needrestart Local Privilege Escalation Local...

CVE-2005-1632

Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/...

EUVD-2012-5542

Malware in sbrugna...

EUVD-2022-5454

Malicious code in bioql PyPI...

Exploit for Uncontrolled Search Path Element in Needrestart_Project Needrestart

CVE-2024-48990 introdution This vulnerability takes advant...

Exploit for Uncontrolled Search Path Element in Needrestart_Project Needrestart

CVE-2024-48990 Exploit My full writeup for how I came to re-...

The vulnerability of the needrestart utility, related to the uncontrolled element in the search process, allows a hacker to execute arbitrary code in the context of the root user.

The vulnerability of the needrestart utility is related to an uncontrolled element in the search process. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the root user by manipulating the PYTHONPATH variable during Python initialization...

CVE-2024-48990

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable...

CVE-2024-48990

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable...

CVE-2024-48990

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable...

CVE-2024-48990

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable...

UBUNTU-CVE-2024-48990

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable...

PT-2024-8544

Name of the Vulnerable Software and Affected Versions needrestart versions prior to 3.8 Module::ScanDeps versions prior to 3.8 Description The needrestart utility, versions prior to 3.8, contains a flaw due to improper handling of the PYTHONPATH environment variable. This allows local attackers t...

Python Exec, Command Shell, Reverse TCP (via python)

Execute a Python payload from a command. Creates an interactive shell via Python, encodes with base64 by design. Compatible with Python 2.4-2.7 and 3.4+. Module Options msf use payload/cmd/windows/python/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf...

Python Exec, Python Meterpreter Shell, Bind TCP Inline

Execute a Python payload from a command. Connect to the victim and spawn a Meterpreter shell Module Options msf use payload/cmd/windows/python/meterpreterbindtcp msf payloadmeterpreterbindtcp show actions ...actions... msf payloadmeterpreterbindtcp set ACTION msf payloadmeterpreterbindtcp show...

Python Exec, Python Meterpreter Shell, Reverse HTTP Inline

Execute a Python payload from a command. Connect back to the attacker and spawn a Meterpreter shell Module Options msf use payload/cmd/windows/python/meterpreterreversehttp msf payloadmeterpreterreversehttp show actions ...actions... msf payloadmeterpreterreversehttp set ACTION msf...

Cheetah Path Search Order Hijacking

Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/...

CVE-2005-1632

CVE-2005-1632 affects Cheetah 0.9.15 and 0.9.16. The root cause is that the runtime searches /tmp for modules before honoring PYTHONPATH, enabling a local attacker to execute arbitrary code via a malicious module placed in /tmp/. The linked Red Hat and Debian trackers echo this same issue. No exp...