RedHat: python tmp file vulnerability
Posted by LinuxSecurity.com Team   
Red Hat Linux: Zack Weinberg discovered that os._execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predictable names.

---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          Updated python packages fix predictable temporary file
Advisory ID:       RHSA-2002:202-25
Issue date:        2003-01-21
Updated on:        2003-01-21
Product:           Red Hat Linux
Keywords:          symlink os._execvpe flaw:link
Cross references:  
Obsoletes:         
CVE Names:         CAN-2002-1119
---------------------------------------------------------------------

1. Topic:

An insecure use of a temporary file has been found in Python.  This erratum
provides updated Python packages.

2. Relevant releases/architectures:

Red Hat Linux 6.2 - i386
Red Hat Linux 7.0 - i386
Red Hat Linux 7.1 - i386
Red Hat Linux 7.2 - i386, ia64
Red Hat Linux 7.3 - i386

3. Problem description:

Python is an interpreted, interactive, object-oriented programming
language.

Zack Weinberg discovered that os._execvpe from os.py in Python 2.2.1 and
earlier creates temporary files with predictable names.  This could allow
local users to execute arbitrary code via a symlink attack.
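As an added illustration (not part of the Red Hat advisory) of the vulnerability class this erratum fixes: a temporary name derived only from the pid is guessable, a plain open() follows a link that was already planted at that name, and O_CREAT|O_EXCL (with O_NOFOLLOW as a second guard) or tempfile.mkstemp refuses it. The naming scheme and helper names are hypothetical; everything runs inside a throwaway directory owned by the same user.

```python
import errno
import os
import tempfile


def predictable_tmp_path(directory, pid=None):
    """mktemp-style name derived only from the pid: any local user can
    compute it ahead of time (hypothetical scheme standing in for the
    predictable names behind CAN-2002-1119)."""
    pid = os.getpid() if pid is None else pid
    return os.path.join(directory, "@%d" % pid)

def naive_create(path):
    """Unsafe pattern: a plain open() follows whatever link already sits
    at the path and writes to its target."""
    with open(path, "w") as fh:
        fh.write("marker\n")
    return path

def safe_create(path):
    """Hardened pattern: O_EXCL refuses any existing entry (a symlink
    included); O_NOFOLLOW adds a second guard on platforms that have it."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    os.close(os.open(path, flags, 0o600))
    return path

def demo(directory):
    """Simulate a link pre-planted at the predictable name (here by the same
    user, inside a throwaway directory), then compare both strategies."""
    victim = os.path.join(directory, "victim.txt")
    planted = predictable_tmp_path(directory)
    os.symlink(victim, planted)                  # dangling link at the guessed name
    naive_create(planted)
    naive_followed = os.path.exists(victim)      # the write landed on the target
    try:
        safe_create(planted)
        safe_refused = False
    except OSError as e:
        safe_refused = e.errno in (errno.EEXIST, errno.ELOOP)
    # The right tool: mkstemp picks an unguessable name and creates it with
    # O_CREAT|O_EXCL in one step, so there is no window to race.
    fd, fresh = tempfile.mkstemp(dir=directory)
    os.close(fd)
    return {"naive_followed": naive_followed, "safe_refused": safe_refused,
            "mkstemp_unique": fresh != planted}

def run_demo():
    with tempfile.TemporaryDirectory() as d:
        return demo(d)
```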

All users should upgrade to these errata packages, which contain a patch to
python 1.5.2 and are not vulnerable to this issue.  Please note that for
Red Hat Linux 7.3 we have updated the python2 packages from version 2.2 to
version 2.2.2.  Red Hat Linux 8.0 shipped a version of Python that already
contained a fix for this issue and is therefore not affected.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. RPMs required:

Red Hat Linux 6.2:

SRPMS:
ftp://updates.redhat.com/6.2/en/os/SRPMS/python-1.5.2-42.62.src.rpm

i386:
ftp://updates.redhat.com/6.2/en/os/i386/python-1.5.2-42.62.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/python-devel-1.5.2-42.62.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/python-docs-1.5.2-42.62.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/python-tools-1.5.2-42.62.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/tkinter-1.5.2-42.62.i386.rpm

Red Hat Linux 7.0:

SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/python-1.5.2-42.71.src.rpm

i386:
ftp://updates.redhat.com/7.0/en/os/i386/python-1.5.2-42.71.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/python-devel-1.5.2-42.71.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/python-docs-1.5.2-42.71.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/python-tools-1.5.2-42.71.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/tkinter-1.5.2-42.71.i386.rpm

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/python-1.5.2-42.71.src.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/python-1.5.2-42.71.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/python-devel-1.5.2-42.71.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/python-docs-1.5.2-42.71.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/python-tools-1.5.2-42.71.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/tkinter-1.5.2-42.71.i386.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/python-1.5.2-42.72.src.rpm
ftp://updates.redhat.com/7.2/en/os/SRPMS/python2-2.1.1-2.72.src.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/python-1.5.2-42.72.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/python-devel-1.5.2-42.72.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/python-docs-1.5.2-42.72.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/python-tools-1.5.2-42.72.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/tkinter-1.5.2-42.72.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/python2-2.1.1-2.72.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/python2-devel-2.1.1-2.72.i386.rpm

ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/python-1.5.2-42.72.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/python-devel-1.5.2-42.72.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/python-docs-1.5.2-42.72.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/python-tools-1.5.2-42.72.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/tkinter-1.5.2-42.72.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/python2-2.1.1-2.72.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/python2-devel-2.1.1-2.72.ia64.rpm

Red Hat Linux 7.3:

SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/python-1.5.2-42.73.src.rpm
ftp://updates.redhat.com/7.3/en/os/SRPMS/python2-2.2.2-3.7.3.src.rpm

i386:
ftp://updates.redhat.com/7.3/en/os/i386/python-1.5.2-42.73.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/python-devel-1.5.2-42.73.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/python-docs-1.5.2-42.73.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/python-tools-1.5.2-42.73.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/tkinter-1.5.2-42.73.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/python2-2.2.2-3.7.3.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/python2-devel-2.2.2-3.7.3.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/python2-docs-2.2.2-3.7.3.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/tkinter2-2.2.2-3.7.3.i386.rpm



6. Verification:



These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at  http://www.redhat.com/about/contact/pgpkey.html

You can verify each package with the following command:

    rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:

    md5sum <filename>


7. References:
 
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=156556 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1119

8. Contact:

The Red Hat security contact is <security@redhat.com>.  More contact
details at  http://www.redhat.com/solutions/security/news/contact.html

Copyright 2003 Red Hat, Inc.



_______________________________________________
Redhat-watch-list mailing list
To unsubscribe, visit: https://listman.redhat.com/mailman/listinfo/redhat-watch-list

