Linux Distros Unpatched Vulnerability : CVE-2013-2561

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on 1 ibdiagnet.db, 2 ibdiagnet.fdbs, 3 ibdiagnetibis.log, 4...

SUSE CVE-2013-1894

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-2561. Reason: This candidate is a duplicate of CVE-2013-2561. Notes: All CVE users should reference CVE-2013-2561 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...

CentOS 6 : ibutils / infinipath-psm / libibverbs / libmlx4 / librdmacm / mpitests / mstflint / etc (CESA-2013:1661)

Updated rdma, libibverbs, libmlx4, librdmacm, qperf, perftest, openmpi, compat-openmpi, infinipath-psm, mpitests, and rds-tools packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team ha...

Medium: openmpi

Issue Overview: A flaw was found in the way ibutils handled temporary files. A local attacker could use this flaw to cause arbitrary files to be overwritten as the root user via a symbolic link attack. It was discovered that librdmacm used a static port to connect to the ibacm service. A local...

Scientific Linux Security Update : RDMA stack on SL6.x i386/x86_64 (20131121)

A flaw was found in the way ibutils handled temporary files. A local attacker could use this flaw to cause arbitrary files to be overwritten as the root user via a symbolic link attack. CVE-2013-2561 It was discovered that librdmacm used a static port to connect to the ibacm service. A local...

ibutils, infinipath, libibverbs, libmlx4, librdmacm, mpitests, mstflint, openmpi, perftest, qperf, rdma security update

CentOS Errata and Security Advisory CESA-2013:1661 Updated rdma, libibverbs, libmlx4, librdmacm, qperf, perftest, openmpi, compat-openmpi, infinipath-psm, mpitests, and rds-tools packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat...

CVE-2013-2561

OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on 1 ibdiagnet.db, 2 ibdiagnet.fdbs, 3 ibdiagnetibis.log, 4 ibdiagnet.log, 5 ibdiagnet.lst, 6 ibdiagnet.mcfdbs, 7 ibdiagnet.pkey, 8 ibdiagnet.psl, 9 ibdiagnet.slvl, or 10 ibdiagnet.sm in /tmp/...

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-2561. Reason: This candidate is a duplicate of CVE-2013-2561. Notes: All CVE users should reference CVE-2013-2561 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

CVE-2013-2561

OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on 1 ibdiagnet.db, 2 ibdiagnet.fdbs, 3 ibdiagnetibis.log, 4 ibdiagnet.log, 5 ibdiagnet.lst, 6 ibdiagnet.mcfdbs, 7 ibdiagnet.pkey, 8 ibdiagnet.psl, 9 ibdiagnet.slvl, or 10 ibdiagnet.sm in /tmp/...

CVE-2013-2561

CVE-2013-2561 affects OpenFabrics ibutils 1.5.7, enabling local users to overwrite arbitrary files via a symlink attack on files in /tmp (ibdiagnet.db, ibdiagnet.fdbs, ibdiagnet_ibis.log, ibdiagnet.log, ibdiagnet.lst, ibdiagnet.mcfdbs, ibdiagnet.pkey, ibdiagnet.psl, ibdiagnet.slvl, ibdiagnet.sm)....

CVE-2013-1894

CVE-2013-1894 is rejected/not used; refer to CVE-2013-2561 as the active entry.

RHEL 6 : RDMA stack (RHSA-2013:1661)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1661 advisory. Red Hat Enterprise Linux includes a collection of Infiniband and iWARP utilities, libraries and development packages for writing application...

SuSE 11.2 / 11.3 Security Update : ibutils (SAT Patch Numbers 8029 / 8030)

Various tmp races in ibdiagnet of ibutils have been fixed that could have been used by local attackers on machines where infiband was debugged to gain privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 1...