Lucene search
Ubuntu.comUB:CVE-2014-4038HistoryJun 17, 2014 - 12:00 a.m.
CVE-2014-4038
2014-06-1700:00:00
ubuntu.com
ubuntu.com
8
4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.1%
ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a
symlink attack related to (1) rtas_errd/diag_support.c and
/tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and
/tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and
/var/tmp/ras.
Bugs
References
Related
nvd
nvd
CVE-2014-4038
2014-06-17 15:55:06
veracode
veracode
Arbitrary File Write
2019-01-15 09:06:35
Privilege Escalation
2019-05-02 05:41:01
debiancve
debiancve
CVE-2014-4038
2014-06-17 15:55:06
cve
cve
CVE-2014-4038
2014-06-17 15:55:06
prion
prion
Code injection
2014-06-17 15:55:00
cvelist
cvelist
CVE-2014-4038
2014-06-17 15:00:00
suse
suse
ppc64-diag: fix for tmp races and information disclosure (important)
2014-07-31 08:19:46
ppc64-diag: fix for tmp races and information disclosure (important)
2014-07-30 21:20:51
Security update for ppc64-diag (important)
2014-07-23 23:04:53
openvas
openvas
openSUSE: Security Advisory for ppc64-diag (openSUSE-SU-2014:0953-2)
2014-08-05 00:00:00
SUSE: Security Advisory for ppc64-diag (SUSE-SU-2014:0928-1)
2015-10-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0928-1)
2021-06-09 00:00:00
redhat
redhat
4.4 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.1%
Related for UB:CVE-2014-4038