Lucene search
RedhatCVELIST:CVE-2013-4419HistoryNov 05, 2013 - 8:00 p.m.
CVE-2013-4419
2013-11-0520:00:00
redhat
www.cve.org
The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitrary commands by creating /tmp/.guestfish-$UID/ in advance.
Related
nessus
nessus
RHEL 6 : libguestfs (RHSA-2013:1536)
2013-11-21 00:00:00
Scientific Linux Security Update : libguestfs on SL6.x x86_64 (20131121)
2013-12-04 00:00:00
Oracle Linux 6 : libguestfs (ELSA-2013-1536)
2013-11-29 00:00:00
suse
suse
Security update for guestfs (important)
2013-11-04 17:04:16
ubuntucve
ubuntucve
CVE-2013-4419
2013-11-05 00:00:00
nvd
nvd
CVE-2013-4419
2013-11-05 20:55:29
debiancve
debiancve
CVE-2013-4419
2013-11-05 20:55:29
cve
cve
CVE-2013-4419
2013-11-05 20:55:29
redhat
redhat
(RHSA-2013:1527) Important: rhev-hypervisor6 security and bug fix update
2013-11-21 00:00:00
openvas
openvas
RedHat Update for libguestfs RHSA-2013:1536-02
2013-11-21 00:00:00
RedHat Update for libguestfs RHSA-2013:1536-02
2013-11-21 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:1626-1)
2021-06-09 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: libguestfs-1.24.0-1.fc20
2013-11-10 06:52:22
[SECURITY] Fedora 19 Update: libguestfs-1.22.7-1.fc19
2013-10-27 04:00:04
[SECURITY] Fedora 19 Update: libguestfs-1.22.7-1.fc19
2013-10-27 05:32:56
centos
centos
libguestfs, ocaml, perl, python, ruby security update
2013-11-26 13:32:04
prion
prion
Design/Logic Flaw
2013-11-05 20:55:00
veracode
veracode
Arbitrary Code Execution
2019-01-15 09:01:25
oraclelinux
oraclelinux
libguestfs security, bug fix, and enhancement update
2013-11-26 00:00:00