Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-4577HistoryMay 12, 2014 - 2:55 p.m.
CVE-2013-4577
2014-05-1214:55:05
Debian Security Bug Tracker
security-tracker.debian.org
14
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
EPSS
0
Percentile
5.1%
A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the password_pbkdf2 directive in the file.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | grub2 | < 2.00-20 | grub2_2.00-20_all.deb |
| Debian | 11 | all | grub2 | < 2.00-20 | grub2_2.00-20_all.deb |
| Debian | 999 | all | grub2 | < 2.00-20 | grub2_2.00-20_all.deb |
| Debian | 13 | all | grub2 | < 2.00-20 | grub2_2.00-20_all.deb |
Related
ubuntucve
ubuntucve
CVE-2013-4577
2014-05-12 00:00:00
cve
cve
CVE-2013-4577
2014-05-12 14:55:05
nvd
nvd
CVE-2013-4577
2014-05-12 14:55:05
redhatcve
redhatcve
CVE-2013-4577
2015-10-30 09:38:39
cvelist
cvelist
CVE-2013-4577
2014-05-12 14:00:00
prion
prion
Default credentials
2014-05-12 14:55:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
EPSS
0
Percentile
5.1%
Related for DEBIANCVE:CVE-2013-4577