[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249622

 
 

909

 
 

195521

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-4159Date: (C)2014-08-07   (M)2023-12-22


ctdb before 2.3 in OpenSUSE 12.3 and 13.1 does not create temporary files securely, which has unspecified impact related to "several temp file vulnerabilities" in (1) tcp/tcp_connect.c, (2) server/eventscript.c, (3) tools/ctdb_diagnostics, (4) config/gdb_backtrace, and (5) include/ctdb_private.h.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
MDVSA-2015:177
http://www.openwall.com/lists/oss-security/2014/05/29/12
http://advisories.mageia.org/MGASA-2014-0274.html
http://wiki.samba.org/index.php/CTDB2releaseNotes#ctdb_2.5
https://bugzilla.redhat.com/show_bug.cgi?id=986773
https://git.samba.org/?p=ctdb.git%3Ba=commitdiff%3Bh=b9b9f6738fba5c32e87cb9c36b358355b444fb9b
openSUSE-SU-2014:0842

CWE    1
CWE-264
OVAL    1
oval:org.secpod.oval:def:108087

© SecPod Technologies