Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-119: apt-listchanges Vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-119: apt-listchanges Vulnerability
# 1  
Old 01-17-2008
S-119: apt-listchanges Vulnerability
It was discovered that apt-listchanges, a package change history notification tool, used unsafe paths when importing its python libraries. The risk is MEDIUM. This could alllow the execution of arbitrary shell commands if the root user executed the command in a directory which other local users may write to.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

5 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Apt-get

Want to install APACHE but it's saying command is not found using centos (4 Replies)
Discussion started by: zbest1966
4 Replies

2. Red Hat

Yum and apt-get

I know both yum and apt-get could update the package , could advise which one is better in Redhat server ? thanks Login ID ust3 is currently in read-only mode for multiple infractions. Creating new identities to avoid restrictions is not allowed. This thread is closed. (1 Reply)
Discussion started by: ust03
1 Replies

3. AIX

lsmksysb: error 0511-119 & 0511-137 ?

I have 2 workstations that when I do the smitty lsmksysb to verify the tape created by the smitty mksysb, both fail on the same problem: restore: 0511-119 There is a missing header block. restore: 0511-137 Trying to find the next header. Data maybe lost. Starting again at file .... I... (3 Replies)
Discussion started by: Browser_ice
3 Replies

4. UNIX for Advanced & Expert Users

2007/11/09! 03.56.29! E00549! Enq_pty! Tty.c! 119! PID (22597)! Operations ioctl (TCS

helo, i got accessing system from putty. a user has had System Telnet up (for hours at a time) and been running various commands from the CUI menu.(its just client application) The following message appears over and over again in the account log: 2007/11/09! 03.56.29! E00549! Enq_pty! Tty.c!... (0 Replies)
Discussion started by: amitpansuria
0 Replies

5. UNIX for Dummies Questions & Answers

Apt-get install

When I use apt-get install command, for example samba install, does that command then invokes search of entire disk to find samba packet or what? (1 Reply)
Discussion started by: salvor_hardin
1 Replies
Login or Register to Ask a Question

LEARN ABOUT LINUX

apt

apt(8)							      System Manager's Manual							    apt(8)

NAME

       apt - Advanced Package Tool

SYNOPSIS

       apt

DESCRIPTION

       APT  is	a management system for software packages. For normal day to day package management there are several frontends available, such as
       aptitude(8) for the command line or synaptic(8) for the X Window System. Some options are only implemented in apt-get(8) though.

SEE ALSO

       apt-cache(8), apt-get(8), apt.conf(5), sources.list(5), apt_preferences(5), apt-secure(8)

DIAGNOSTICS

       apt returns zero on normal operation, decimal 100 on error.

BUGS

       This manpage isn't even started.

       See <http://bugs.debian.org/apt>.  If you wish to report a bug in apt, please see /usr/share/doc/debian/bug-reporting.txt  or  the  report-
       bug(1) command.

AUTHOR

       apt was written by the APT team <apt@packages.debian.org>.

Debian GNU/Linux						   16 June 1998 							    apt(8)