Описание
ELSA-2012-1206: python-paste-script security update (MODERATE)
[1.7.3-5]
- fix group permissions in serve.py Resolves: CVE-2012-0878
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
python-paste-script
1.7.3-5.el6_3
Oracle Linux i686
python-paste-script
1.7.3-5.el6_3
Oracle Linux sparc64
python-paste-script
1.7.3-5.el6_3
Связанные CVE
Связанные уязвимости
Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leveraging a web application that uses the local filesystem.
Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leveraging a web application that uses the local filesystem.
Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leveraging a web application that uses the local filesystem.
Paste Script 1.7.5 and earlier does not properly set group memberships ...
Paste Script has improper group memberships permissions