Lucene search
Gentoo FoundationMGASA-2014-0274HistoryJun 27, 2014 - 6:57 p.m.
Updated ctdb package fixes CVE-2013-4159
2014-06-2718:57:58
Gentoo Foundation
advisories.mageia.org
9
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
82.5%
Updated ctdb packages fix security vulnerability: ctdb before 2.5 is vulnerable to symlink attacks to due the use of predictable filenames in /tmp, such as /tmp/ctdb.socket (CVE-2013-4159).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 3 | noarch | ctdb | < 1.2.46-3.1 | ctdb-1.2.46-3.1.mga3 |
| Mageia | 4 | noarch | ctdb | < 1.2.46-4.1 | ctdb-1.2.46-4.1.mga4 |
Related
securityvulns
securityvulns
ctdb symbolic links vulnerabilities
2015-04-13 00:00:00
[ MDVSA-2015:177 ] ctdb
2015-04-13 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: ctdb-2.5.4-2.fc20
2014-12-20 08:36:18
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0274)
2022-01-28 00:00:00
Fedora Update for ctdb FEDORA-2014-16742
2014-12-21 00:00:00
nessus
nessus
Fedora 20 : ctdb-2.5.4-2.fc20 (2014-16742)
2014-12-22 00:00:00
openSUSE Security Update : ctdb (openSUSE-SU-2014:0842-1)
2014-06-26 00:00:00
Mandriva Linux Security Advisory : ctdb (MDVSA-2015:177)
2015-03-31 00:00:00
prion
prion
Code injection
2014-08-06 18:55:00
ubuntucve
ubuntucve
CVE-2013-4159
2014-08-06 00:00:00
cve
cve
CVE-2013-4159
2014-08-06 18:55:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.009 Low
EPSS
Percentile
82.5%
Related for MGASA-2014-0274