Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-4453HistoryOct 09, 2012 - 11:55 p.m.
CVE-2012-4453
2012-10-0923:55:05
Debian Security Bug Tracker
security-tracker.debian.org
12
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
EPSS
0
Percentile
5.1%
dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | dracut | < 020-1.1 | dracut_020-1.1_all.deb |
| Debian | 11 | all | dracut | < 020-1.1 | dracut_020-1.1_all.deb |
| Debian | 999 | all | dracut | < 020-1.1 | dracut_020-1.1_all.deb |
| Debian | 13 | all | dracut | < 020-1.1 | dracut_020-1.1_all.deb |
Related
openvas
openvas
Fedora Update for dracut FEDORA-2012-14959
2012-10-16 00:00:00
RedHat Update for dracut RHSA-2013:1674-02
2013-11-21 00:00:00
RedHat Update for dracut RHSA-2013:1674-02
2013-11-21 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: dracut-018-60.git20120927.fc16
2012-10-13 00:22:41
[SECURITY] Fedora 18 Update: dracut-024-5.git20121019.fc18
2012-10-24 16:38:40
[SECURITY] Fedora 17 Update: dracut-018-105.git20120927.fc17
2012-10-13 00:20:27
oraclelinux
oraclelinux
dracut security, bug fix, and enhancement update
2013-11-25 00:00:00
cve
cve
CVE-2012-4453
2012-10-09 23:55:05
nessus
nessus
Fedora 17 : dracut-018-105.git20120927.fc17 (2012-14953)
2012-10-15 00:00:00
Scientific Linux Security Update : dracut on SL6.x (noarch) (20131121)
2013-12-10 00:00:00
RHEL 6 : dracut (RHSA-2013:1674)
2013-11-21 00:00:00
cvelist
cvelist
CVE-2012-4453
2012-10-09 23:00:00
redhat
redhat
(RHSA-2013:1674) Moderate: dracut security, bug fix, and enhancement update
2013-11-21 00:00:00
(RHSA-2013:1527) Important: rhev-hypervisor6 security and bug fix update
2013-11-21 00:00:00
nvd
nvd
CVE-2012-4453
2012-10-09 23:55:05
ubuntucve
ubuntucve
CVE-2012-4453
2012-10-09 00:00:00
prion
prion
Information disclosure
2012-10-09 23:55:00
amazon
amazon
Medium: dracut
2013-12-11 20:33:00
osv
osv
dracut-044-17.1 on GA media
2024-06-15 00:00:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
EPSS
0
Percentile
5.1%
Related for DEBIANCVE:CVE-2012-4453