Design/Logic Flaw

2013-08-2503:27:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

The Trace_OpenLogFile function in InfraStack/OSDependent/Linux/InfraStackModules/TraceModule/TraceModule.c in the Trace module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses world-writable permissions for wimaxd.log, which allows local users to cause a denial of service (data corruption) by modifying this file.

CPENameOperatorVersion
wimax_network_servicele1.5.2
wimax_network_serviceeq1.5.0

CPE	Name	Operator	Version
	wimax_network_service	le	1.5.2
	wimax_network_service	eq	1.5.0

References

www.openwall.com/lists/oss-security/2013/08/08/17

bugzilla.redhat.com/show_bug.cgi?id=911122