python-2.3.4-5 Symbolic link attack possibility

2008.09.19
Risk: High
Local: Yes
Remote: No
CWE: CWE-59


CVSS Base Score: 7.2/10
Impact Subscore: 10/10
Exploitability Subscore: 3.9/10
Exploit range: Local
Attack complexity: Low
Authentication: No required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

Hello Steve, could you please allocate a CVE id for the following Python generic FAQ wizard moving tool issue: References: https://bugzilla.redhat.com/show_bug.cgi?id=462326 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498899 Impact: Symbolic link attack possibility Affected versions: python-2.3.4-*+ Thank you in advance Kind regards Jan iankko Lieskovsky RH Security Response Team

References:

https://bugzilla.redhat.com/show_bug.cgi?id=462326
http://xforce.iss.net/xforce/xfdb/45161
http://www.securityfocus.com/bid/31184
http://marc.info/?l=oss-security&m=122152861617434&w=2
http://marc.info/?l=oss-security&m=122148330903513&w=2
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498899


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top