Network Security News – Sunday, August 07, 2005 Events
Linux dump flock() /etc/dumpdates Local DoS
Linux dump contains a flaw that may allow a local denial of service. The issue is triggered when a malicious user uses 'dump' to execute a lock on the /etc/dumpdates file, and will result in loss of availability for the dump service.. Read more at osvdb.org/18531
Karrigell Python Namespace Arbitrary Command Execution
Karrigell contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to Karrigell scripts not properly sanitizing user input, exposing functions imported from other Karrigell scripts and python built-in functions. This may allow an attacker to construct a URL containing arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/18506