CVE-2008-5983

NameCVE-2008-5983
DescriptionUntrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which might allow local users to execute arbitrary code via a Trojan horse Python file in the current working directory.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium
Debian Bugs572010, 575780

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
python2.4source(unstable)(unfixed)low
python2.5source(unstable)(unfixed)low
python2.6source(unstable)2.6.5+20100529-1low572010
python3.1source(unstable)3.1.2+20100703-1low575780

Notes

[etch] - python2.5 <no-dsa> (Minor issue)
[lenny] - python2.5 <no-dsa> (Minor issue)
[squeeze] - python2.5 <no-dsa> (Minor issue, patch only introduces a new, more secure API)
[etch] - python2.4 <no-dsa> (Minor issue)
[lenny] - python2.4 <no-dsa> (Minor issue)
I suppose the behaviour will be changed in a future Python release, but
a backport has a significant risk of breakage for little gain. If a
proper upstream patch should be available, this can be re-evaluated
http://bugs.python.org/issue5753

Search for package or bug name: Reporting problems