Oracle Solaris Third-Party Patch Update : py_pil (multiple_vulnerabilities_in_python_image)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote Solaris system is missing a security patch for third-party
software.

Description :

The remote Solaris system is missing necessary patches to address
security updates :

- The (1) load_djpeg function in JpegImagePlugin.py, (2)
Ghostscript function in EpsImagePlugin.py, (3) load
function in IptcImagePlugin.py, and (4) _copy function
in Image.py in Python Image Library (PIL) 1.1.7 and
earlier and Pillow before 2.3.1 do not properly create
temporary files, which allow local users to overwrite
arbitrary files and obtain sensitive information via a
symlink attack on the temporary file. (CVE-2014-1932)

- The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py
scripts in Python Image Library (PIL) 1.1.7 and earlier
and Pillow before 2.3.1 uses the names of temporary
files on the command line, which makes it easier for
local users to conduct symlink attacks by listing the
processes. (CVE-2014-1933)

See also :

http://www.nessus.org/u?b5f8def1
http://www.nessus.org/u?b54342ac

Solution :

Upgrade to Solaris 11.2.

Risk factor :

Medium / CVSS Base Score : 4.4
(CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P)

Family: Solaris Local Security Checks

Nessus Plugin ID: 80746 ()

Bugtraq ID:

CVE ID: CVE-2014-1932
CVE-2014-1933

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now