CentOS 9 : fence-agents-4.10.0-55.el9
Discription
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the fence- agents-4.10.0-55.el9 build changelog. Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267. (CVE-2007-4559) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version…Read More
References
Back to Main