Lucene search

K

PRIOn knowledge basePRION:CVE-2013-1813

HistoryNov 23, 2013 - 11:55 a.m.

Code injection

2013-11-2311:55:00

PRIOn knowledge base

www.prio-n.com

16

6.6 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.

CPENameOperatorVersion
busyboxeq1.11.0
busyboxeq1.12.0
busyboxeq1.17.1
busyboxeq1.7.0
busyboxeq1.12.2
busyboxeq1.1.3
busyboxeq0.47
busyboxeq0.49
busyboxeq0.43
busyboxeq1.7.1

Rows per page:

1-10 of 1011

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=701965

git.busybox.net/busybox/commit/?id=4609f477c7e043a4f6147dfe6e86b775da2ef784

lists.busybox.net/pipermail/busybox/2013-January/078864.html

packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html

rhn.redhat.com/errata/RHSA-2013-1732.html

seclists.org/fulldisclosure/2019/Jun/18

seclists.org/fulldisclosure/2020/Aug/20

seclists.org/fulldisclosure/2020/Mar/15

seclists.org/bugtraq/2019/Jun/14

support.t-mobile.com/docs/DOC-21994

6.6 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

Related for PRION:CVE-2013-1813

veracode1 nessus7 openvas7 cve1 ubuntucve1 redhat2 debiancve1 oraclelinux1 centos1 mageia1 gentoo1 packetstorm3 debian2