Python os.py Predictable Temporary Filename Command Execution Vulnerability

Bugtraq ID: 5581
Class: Design Error
CVE: CVE-2002-1119
Remote: No
Local: Yes
Published: Aug 28 2002 12:00AM
Updated: Jul 11 2009 03:56PM
Credit: Discovery of this vulnerability credited to Zack Weinberg.
Vulnerable: Python Software Foundation Python 2.3
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
Python Software Foundation Python 2.2.2
+ OpenPKG OpenPKG 1.2
+ OpenPKG OpenPKG 1.2
+ Redhat Linux 7.3
+ Redhat Linux 7.3
+ S.u.S.E. Linux Personal 8.2
+ S.u.S.E. Linux Personal 8.2
Python Software Foundation Python 2.2.1
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.2
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Mandriva Linux Mandrake 9.0
+ OpenPKG OpenPKG 1.1
+ SuSE Linux 8.1
Python Software Foundation Python 2.2
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
Python Software Foundation Python 2.1.3
+ Debian Linux 3.0
Python Software Foundation Python 2.1.2
Python Software Foundation Python 2.1.1
+ Redhat Linux 7.2
+ Sun Linux 5.0.7
Python Software Foundation Python 2.1
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
Python Software Foundation Python 2.0.1
Python Software Foundation Python 2.0
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
Python Software Foundation Python 1.6.1
Python Software Foundation Python 1.6
Python Software Foundation Python 1.5.2
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ Debian Linux 3.0
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 7.2
+ Redhat Linux 7.3
+ Redhat Linux 7.2
+ Redhat Linux 7.1
+ Redhat Linux 7.0
+ Redhat Linux 6.2
+ Redhat Linux for iSeries 7.1
+ Redhat Linux for pSeries 7.1
+ Sun Linux 5.0.7
+ Trustix Secure Linux 1.5
Not Vulnerable: Python Software Foundation Python 2.3
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0


 

Privacy Statement
Copyright 2010, SecurityFocus