Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-4260HistorySep 16, 2013 - 7:14 p.m.
CVE-2013-4260
2013-09-1619:14:39
Debian Security Bug Tracker
security-tracker.debian.org
8
3.3 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
5.1%
lib/ansible/playbook/init.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a predictable name in /var/tmp/ansible/.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | ansible | < 7.3.0+dfsg-1 | ansible_7.3.0+dfsg-1_all.deb |
| Debian | 11 | all | ansible | < 2.10.7+merged+base+2.10.8+dfsg-1 | ansible_2.10.7+merged+base+2.10.8+dfsg-1_all.deb |
| Debian | 10 | all | ansible | < 2.7.7+dfsg-1+deb10u1 | ansible_2.7.7+dfsg-1+deb10u1_all.deb |
| Debian | 999 | all | ansible | < 10.0.1+dfsg-1 | ansible_10.0.1+dfsg-1_all.deb |
| Debian | 13 | all | ansible | < 9.5.1+dfsg-1 | ansible_9.5.1+dfsg-1_all.deb |
Related
github
github
Ansible Arbitrary File Overwrite Vulnerability
2022-05-14 02:03:36
prion
prion
Code injection
2013-09-16 19:14:00
cve
cve
CVE-2013-4260
2013-09-16 19:14:39
ubuntucve
ubuntucve
CVE-2013-4260
2013-09-16 00:00:00
cvelist
cvelist
CVE-2013-4260
2013-09-16 19:00:00
osv
osv
PYSEC-2013-2
2013-09-16 19:14:00
Ansible Arbitrary File Overwrite Vulnerability
2022-05-14 02:03:36
nvd
nvd
CVE-2013-4260
2013-09-16 19:14:39
nessus
nessus
FreeBSD : ansible -- local symlink exploits (a6a9f9d5-205c-11e5-a4a5-002590263bf5)
2015-07-06 00:00:00
Fedora 19 : ansible-1.2.3-2.fc19 (2013-15169)
2013-09-02 00:00:00
Fedora 18 : ansible-1.2.3-2.fc18 (2013-15181)
2013-09-02 00:00:00
freebsd
freebsd
ansible -- local symlink exploits
2013-08-21 00:00:00
openvas
openvas
Fedora Update for ansible FEDORA-2013-15181
2013-09-02 00:00:00
Fedora Update for ansible FEDORA-2014-5375
2014-05-02 00:00:00
Fedora Update for ansible FEDORA-2013-15181
2013-09-02 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: ansible-1.2.3-2.fc18
2013-08-30 22:58:41
[SECURITY] Fedora 19 Update: ansible-1.2.3-2.fc19
2013-08-30 23:03:44
[SECURITY] Fedora 19 Update: ansible-1.5.5-1.fc19
2014-04-28 04:52:53
3.3 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
5.1%
Related for DEBIANCVE:CVE-2013-4260