• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Python os.py Predictable Temporary Filename Command Execution Vulnerability

It has been reported that some versions of Python create temporary files in an insecure manner. The vulnerability occurs in the os._execvpe function found in os.py.

It has been reported that exploitation of this vulnerability could lead to the execution of arbitrary code.