Lucene search

PRIOn knowledge basePRION:CVE-2013-4159

HistoryAug 06, 2014 - 6:55 p.m.

Code injection

2014-08-0618:55:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.4%

JSON

ctdb before 2.3 in OpenSUSE 12.3 and 13.1 does not create temporary files securely, which has unspecified impact related to “several temp file vulnerabilities” in (1) tcp/tcp_connect.c, (2) server/eventscript.c, (3) tools/ctdb_diagnostics, (4) config/gdb_backtrace, and (5) include/ctdb_private.h.

CPENameOperatorVersion
ctdbeq2.1
ctdble2.2
ctdbeq2.0
mageiaeq3.0
mageiaeq4.0
opensuseeq12.3
opensuseeq13.1

Name	Operator	Version
ctdb	eq	2.1
ctdb	le	2.2
ctdb	eq	2.0
mageia	eq	3.0
mageia	eq	4.0
opensuse	eq	12.3
opensuse	eq	13.1

References

advisories.mageia.org/MGASA-2014-0274.html

lists.opensuse.org/opensuse-updates/2014-06/msg00052.html

www.mandriva.com/security/advisories?name=MDVSA-2015:177

www.openwall.com/lists/oss-security/2014/05/29/12

bugzilla.redhat.com/show_bug.cgi?id=986773

git.samba.org/?p=ctdb.git%3Ba=commitdiff%3Bh=b9b9f6738fba5c32e87cb9c36b358355b444fb9b

wiki.samba.org/index.php/CTDB2releaseNotes

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.4%

JSON

Related for PRION:CVE-2013-4159