Lucene search
HistoryMay 19, 2015 - 6:59 p.m.
CVE-2015-0267
red hat
module-setup.sh
kexec-tools
symlink attack
temporary file
cve-2015-0267
nvd
3.6 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
6.1 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The Red Hat module-setup.sh script for kexec-tools, as distributed in the kexec-tools before 2.0.7-19 packages in Red Hat Enterprise Linux, allows local users to write to arbitrary files via a symlink attack on a temporary file.
Affected configurations
Node
redhatkexec-toolsRange≤2.0.7-11
| CPE | Name | Operator | Version |
|---|---|---|---|
| redhat:kexec-tools | redhat kexec-tools | le | 2.0.7-11 |
Related
oraclelinux
oraclelinux
kexec-tools security, bug fix, and enhancement update
2015-05-12 00:00:00
nessus
nessus
CentOS 7 : kexec-tools (CESA-2015:0986)
2015-05-13 00:00:00
Scientific Linux Security Update : kexec-tools on SL7.x x86_64 (20150512)
2015-05-14 00:00:00
Oracle Linux 7 : kexec-tools (ELSA-2015-0986)
2015-05-13 00:00:00
centos
centos
kexec security update
2015-05-13 01:01:15
ibm
ibm
cvelist
cvelist
CVE-2015-0267
2015-05-19 18:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2015-0986)
2015-10-06 00:00:00
CentOS Update for kexec-tools CESA-2015:0986 centos7
2015-06-09 00:00:00
RedHat Update for kexec-tools RHSA-2015:0986-01
2015-06-09 00:00:00
ubuntucve
ubuntucve
CVE-2015-0267
2015-05-19 00:00:00
prion
prion
Design/Logic Flaw
2015-05-19 18:59:00
redhat
redhat
nvd
nvd
CVE-2015-0267
2015-05-19 18:59:00
debiancve
debiancve
CVE-2015-0267
2015-05-19 18:59:00
3.6 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
6.1 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2015-0267