Lucene search

FreeBSDA6A9F9D5-205C-11E5-A4A5-002590263BF5

HistoryAug 21, 2013 - 12:00 a.m.

ansible -- local symlink exploits

2013-08-2100:00:00

vuxml.freebsd.org

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

5.1%

JSON

MITRE reports:

runner/connection_plugins/ssh.py in Ansible before 1.2.3, when
using ControlPersist, allows local users to redirect a ssh session
via a symlink attack on a socket file with a predictable name in
/tmp/.

lib/ansible/playbook/init.py in Ansible 1.2.x before 1.2.3,
when playbook does not run due to an error, allows local users to
overwrite arbitrary files via a symlink attack on a retry file with
a predictable name in /var/tmp/ansible/.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchansible< 1.2.3UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	ansible	< 1.2.3	UNKNOWN

References

www.ansible.com/security

groups.google.com/forum/#!topic/ansible-project/UVDYW0HGcNg

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:P/A:P

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for A6A9F9D5-205C-11E5-A4A5-002590263BF5