CVE-2013-6412

2014-01-2300:55:00

Debian Security Bug Tracker

security-tracker.debian.org

0.0004 Low

EPSS

Percentile

5.2%

JSON

The transform_save function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a “7,” which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors.

OSVersionArchitecturePackageVersionFilename
Debian12allaugeas< 1.2.0-0.1augeas_1.2.0-0.1_all.deb
Debian11allaugeas< 1.2.0-0.1augeas_1.2.0-0.1_all.deb
Debian10allaugeas< 1.2.0-0.1augeas_1.2.0-0.1_all.deb
Debian999allaugeas< 1.2.0-0.1augeas_1.2.0-0.1_all.deb
Debian13allaugeas< 1.2.0-0.1augeas_1.2.0-0.1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	augeas	< 1.2.0-0.1	augeas_1.2.0-0.1_all.deb
Debian	11	all	augeas	< 1.2.0-0.1	augeas_1.2.0-0.1_all.deb
Debian	10	all	augeas	< 1.2.0-0.1	augeas_1.2.0-0.1_all.deb
Debian	999	all	augeas	< 1.2.0-0.1	augeas_1.2.0-0.1_all.deb
Debian	13	all	augeas	< 1.2.0-0.1	augeas_1.2.0-0.1_all.deb

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for DEBIANCVE:CVE-2013-6412