Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1632

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2005-1632
Last Modified 05 Sep 2008 04:49:39
Published 17 May 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-1632

Summary

Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/.

Vulnerable Systems

Application

  • Tavis Rudd Cheetah 0.9.15

  • Tavis Rudd Cheetah 0.9.16


References

CONFIRM - http://sourceforge.net/mailarchive/forum.php?thread_id=7070332&forum_id=1542

OSVDB - 16622

SECUNIA - 15386


Last Updated: 27 May 2016 10:40:14