Lucene search

[email protected]CVE-2013-4216

HistoryAug 25, 2013 - 3:27 a.m.

CVE-2013-4216

2013-08-2503:27:32

CWE-264

[email protected]

web.nvd.nist.gov

cve

2013

4216

intel

wimax

network service

denial of service

data corruption

nvd

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

The Trace_OpenLogFile function in InfraStack/OSDependent/Linux/InfraStackModules/TraceModule/TraceModule.c in the Trace module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses world-writable permissions for wimaxd.log, which allows local users to cause a denial of service (data corruption) by modifying this file.

Affected configurations

NVD

Node

intelwimax_network_serviceRange≤1.5.2

intelwimax_network_serviceMatch1.5.0

CPENameOperatorVersion
intel:wimax_network_serviceintel wimax network servicele1.5.2
intel:wimax_network_serviceintel wimax network serviceeq1.5.0

CPE	Name	Operator	Version
intel:wimax_network_service	intel wimax network service	le	1.5.2
intel:wimax_network_service	intel wimax network service	eq	1.5.0

References

www.openwall.com/lists/oss-security/2013/08/08/17

bugzilla.redhat.com/show_bug.cgi?id=911122

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2013-4216

prion1 nvd1 cvelist1