4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.1%
Issue Overview:
A flaw was found in the way Augeas handled certain umask settings when creating new configuration files. This flaw could result in configuration files being created as world writable, allowing unprivileged local users to modify their content. (CVE-2013-6412)
Affected Packages:
augeas
Issue Correction:
Run yum update augeas to update your system.
New Packages:
i686:
augeas-1.0.0-5.7.amzn1.i686
augeas-debuginfo-1.0.0-5.7.amzn1.i686
augeas-devel-1.0.0-5.7.amzn1.i686
augeas-libs-1.0.0-5.7.amzn1.i686
src:
augeas-1.0.0-5.7.amzn1.src
x86_64:
augeas-1.0.0-5.7.amzn1.x86_64
augeas-devel-1.0.0-5.7.amzn1.x86_64
augeas-libs-1.0.0-5.7.amzn1.x86_64
augeas-debuginfo-1.0.0-5.7.amzn1.x86_64
Red Hat: CVE-2013-6412
Mitre: CVE-2013-6412
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | i686 | augeas | < 1.0.0-5.7.amzn1 | augeas-1.0.0-5.7.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | augeas-debuginfo | < 1.0.0-5.7.amzn1 | augeas-debuginfo-1.0.0-5.7.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | augeas-devel | < 1.0.0-5.7.amzn1 | augeas-devel-1.0.0-5.7.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | augeas-libs | < 1.0.0-5.7.amzn1 | augeas-libs-1.0.0-5.7.amzn1.i686.rpm |
Amazon Linux | 1 | x86_64 | augeas | < 1.0.0-5.7.amzn1 | augeas-1.0.0-5.7.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | augeas-devel | < 1.0.0-5.7.amzn1 | augeas-devel-1.0.0-5.7.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | augeas-libs | < 1.0.0-5.7.amzn1 | augeas-libs-1.0.0-5.7.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | augeas-debuginfo | < 1.0.0-5.7.amzn1 | augeas-debuginfo-1.0.0-5.7.amzn1.x86_64.rpm |