Lucene search
K

luci: paster hidden untrusted path and "command" (callable association) injection

🗓️ 20 Nov 2013 19:34:00Reported by RedHatType 
redhat
 redhat
🔗 access.redhat.com👁 3 Views

Flaw in luci service initialization lets a local user run from a writable directory to execute code as root.

Related
Packages
Refs
ReporterTitlePublishedViews
Family
Tenable Nessus
CentOS 6 : luci (CESA-2013:1603)
12 Nov 201400:00
nessus
Tenable Nessus
MiracleLinux 4 : luci-0.26.0-48.AXS4 (AXSA:2014-025:01)
16 Jan 202600:00
nessus
Tenable Nessus
RHEL 6 : luci (RHSA-2013:1603)
21 Nov 201300:00
nessus
Tenable Nessus
Scientific Linux Security Update : luci on SL6.x i386/x86_64 (20131121)
4 Dec 201300:00
nessus
Cent OS
luci security update
26 Nov 201313:32
centos
CVE
CVE-2013-4482
23 Nov 201311:00
cve
Cvelist
CVE-2013-4482
23 Nov 201311:00
cvelist
EUVD
EUVD-2013-4347
7 Oct 202500:30
euvd
NVD
CVE-2013-4482
23 Nov 201311:55
nvd
OSV
RHSA-2013:1603 Red Hat Security Advisory: luci security, bug fix, and enhancement update
15 Sep 202420:59
osv
Rows per page
OSOS VersionArchitecturePackagePackage VersionFilename
Red Hat Enterprise Linux6i686luci0:0.26.0-48.el6luci-0:0.26.0-48.el6.i686.rpm
Red Hat Enterprise Linux6x86_64luci0:0.26.0-48.el6luci-0:0.26.0-48.el6.x86_64.rpm
Red Hat Enterprise Linux6i686luci-debuginfo0:0.26.0-48.el6luci-debuginfo-0:0.26.0-48.el6.i686.rpm
Red Hat Enterprise Linux6x86_64luci-debuginfo0:0.26.0-48.el6luci-debuginfo-0:0.26.0-48.el6.x86_64.rpm

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

21 Nov 2025 17:46Current
6.1Medium risk
Vulners AI Score6.1
CVSS 26.2
EPSS0.00378
3