5 matches found
Elevation Of Privileges By An Untrusted Search Path Vulnerability
Luci is a web-based high availability administration application. A flaw was found in the way the luci service was initialized. If a system administrator started the luci service from a directory that was writable to by a local user, that user could use this flaw to execute arbitrary code as the...
CentOS 6 : luci (CESA-2013:1603)
Updated luci packages that fix two security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which giv...
Scientific Linux Security Update : luci on SL6.x i386/x86_64 (20131121)
A flaw was found in the way the luci service was initialized. If a system administrator started the luci service from a directory that was writable to by a local user, that user could use this flaw to execute arbitrary code as the root or luci user. CVE-2013-4482 A flaw was found in the way luci...
CVE-2013-4482
CVE-2013-4482 affects Luci 0.26.0. The vulnerability is an untrusted search path issue: when Luci is started via its initscript, a local user can exploit a Trojan horse .egg-info file in the current working directory or its parent directories to gain privileges. The issue is confirmed in multiple...
RHEL 6 : luci (RHSA-2013:1603)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2013:1603 advisory. Luci is a web-based high availability administration application. A flaw was found in the way the luci service was initialized. If a system...