Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-0878HistoryMay 01, 2012 - 7:55 p.m.
CVE-2012-0878
2012-05-0119:55:01
Debian Security Bug Tracker
security-tracker.debian.org
6
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.045 Low
EPSS
Percentile
92.5%
Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leveraging a web application that uses the local filesystem.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | pastescript | < 1.7.5-2 | pastescript_1.7.5-2_all.deb |
| Debian | 11 | all | pastescript | < 1.7.5-2 | pastescript_1.7.5-2_all.deb |
| Debian | 999 | all | pastescript | < 1.7.5-2 | pastescript_1.7.5-2_all.deb |
| Debian | 13 | all | pastescript | < 1.7.5-2 | pastescript_1.7.5-2_all.deb |
Related
nessus
nessus
Fedora 15 : python-paste-script-1.7.5-4.fc15 (2012-2413)
2012-04-09 00:00:00
CentOS 6 : python-paste-script (CESA-2012:1206)
2012-08-28 00:00:00
Oracle Linux 6 : python-paste-script (ELSA-2012-1206)
2013-07-12 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2012-1206)
2015-10-06 00:00:00
Fedora Update for python-paste-script FEDORA-2012-2413
2012-04-11 00:00:00
Fedora Update for python-paste-script FEDORA-2012-2413
2012-04-11 00:00:00
veracode
veracode
Escalation Of Privileges
2019-01-15 08:56:21
fedora
fedora
[SECURITY] Fedora 17 Update: python-paste-script-1.7.5-4.fc17
2012-04-12 01:57:06
[SECURITY] Fedora 15 Update: python-paste-script-1.7.5-4.fc15
2012-04-06 21:24:40
[SECURITY] Fedora 16 Update: python-paste-script-1.7.5-4.fc16
2012-04-06 21:25:30
oraclelinux
oraclelinux
python-paste-script security update
2012-08-27 00:00:00
centos
centos
python security update
2012-08-27 19:18:21
cvelist
cvelist
CVE-2012-0878
2012-05-01 19:00:00
nvd
nvd
CVE-2012-0878
2012-05-01 19:55:01
redhat
redhat
(RHSA-2012:1206) Moderate: python-paste-script security update
2012-08-27 00:00:00
github
github
Paste Script has improper group memberships permissions
2022-05-17 05:12:26
cve
cve
CVE-2012-0878
2012-05-01 19:55:01
ubuntucve
ubuntucve
CVE-2012-0878
2012-05-01 00:00:00
osv
osv
PYSEC-2012-15
2012-05-01 19:55:00
prion
prion
Design/Logic Flaw
2012-05-01 19:55:00
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.045 Low
EPSS
Percentile
92.5%
Related for DEBIANCVE:CVE-2012-0878