Lucene search
PRIOn knowledge basePRION:CVE-2014-4039HistoryJun 17, 2014 - 3:55 p.m.
Design/Logic Flaw
2014-06-1715:55:00
PRIOn knowledge base
www.prio-n.com
1
ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does not properly restrict permissions for /tmp/diagSEsnap/snapH.tar.gz, which allows local users to obtain sensitive information by reading files in this archive, as demonstrated by /var/log/messages and /etc/yaboot.conf.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ppc64-diag | eq | 2.6.1 | |
| enterprise_linux_server | eq | 7.0 | |
| enterprise_linux_server | eq | 6.0 | |
| linux_enterprise_server | eq | 11 sp3 |
References
Related
cve
cve
CVE-2014-4039
2014-06-17 15:55:06
nvd
nvd
CVE-2014-4039
2014-06-17 15:55:06
debiancve
debiancve
CVE-2014-4039
2014-06-17 15:55:06
cvelist
cvelist
CVE-2014-4039
2014-06-17 15:00:00
ubuntucve
ubuntucve
CVE-2014-4039
2014-06-17 00:00:00
openvas
openvas
openSUSE: Security Advisory for ppc64-diag (openSUSE-SU-2014:0953-2)
2014-08-05 00:00:00
SUSE: Security Advisory for ppc64-diag (SUSE-SU-2014:0928-1)
2015-10-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0928-1)
2021-06-09 00:00:00
redhat
redhat
suse
suse
ppc64-diag: fix for tmp races and information disclosure (important)
2014-07-30 21:20:51
Security update for ppc64-diag (important)
2014-07-23 23:04:53
ppc64-diag: fix for tmp races and information disclosure (important)
2014-07-31 08:19:46
veracode
veracode
Privilege Escalation
2019-05-02 05:41:01
