Lucene search
HistoryApr 27, 2014 - 9:55 p.m.
CVE-2013-0296
cve-2013-0296
pigz
race condition
file compression
access permissions
security vulnerability
nvd
4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Race condition in pigz before 2.2.5 uses permissions derived from the umask when compressing a file before setting that file’s permissions to match those of the original file, which might allow local users to bypass intended access permissions while compression is occurring.
Affected configurations
Node
zlibpigzRange≤2.2.4-1
Related
ubuntucve
ubuntucve
CVE-2013-0296
2014-04-27 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-2004
2021-07-02 18:21:37
prion
prion
Race condition
2014-04-27 21:55:00
nessus
nessus
openSUSE Security Update : pigz (openSUSE-SU-2013:0540-1)
2014-06-13 00:00:00
Fedora 17 : pigz-2.2.5-1.fc17 (2013-2589)
2013-02-26 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: pigz-2.2.5-1.fc17
2013-02-26 02:46:22
debiancve
debiancve
CVE-2013-0296
2014-04-27 21:55:05
openvas
openvas
Fedora Update for pigz FEDORA-2013-2589
2013-03-01 00:00:00
Fedora Update for pigz FEDORA-2013-2589
2013-03-01 00:00:00
nvd
nvd
CVE-2013-0296
2014-04-27 21:55:05
cvelist
cvelist
CVE-2013-0296
2014-04-27 21:00:00
4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2013-0296