7.5

CVE-2013-4159

EPSS 0.62%
Veröffentlicht 06.08.2014 18:55:05
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

ctdb before 2.3 in OpenSUSE 12.3 and 13.1 does not create temporary files securely, which has unspecified impact related to "several temp file vulnerabilities" in (1) tcp/tcp_connect.c, (2) server/eventscript.c, (3) tools/ctdb_diagnostics, (4) config/gdb_backtrace, and (5) include/ctdb_private.h.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ctdb Project ≫ Ctdb Version <= 2.2

Ctdb Project ≫ Ctdb Version2.0

Ctdb Project ≫ Ctdb Version2.1

Opensuse ≫ Opensuse Version12.3

Opensuse ≫ Opensuse Version13.1

Mageia ≫ Mageia Version3.0

Mageia ≫ Mageia Version4.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.62%	0.692

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://advisories.mageia.org/MGASA-2014-0274.html

http://lists.opensuse.org/opensuse-updates/2014-06/msg00052.html

Vendor Advisory

http://wiki.samba.org/index.php/CTDB2releaseNotes#ctdb_2.5

http://www.mandriva.com/security/advisories?name=MDVSA-2015:177

http://www.openwall.com/lists/oss-security/2014/05/29/12

https://bugzilla.redhat.com/show_bug.cgi?id=986773

https://git.samba.org/?p=ctdb.git%3Ba=commitdiff%3Bh=b9b9f6738fba5c32e87cb9c36b358355b444fb9b

https://nvd.nist.gov/vuln/detail/CVE-2013-4159

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-4159

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-4159

EUVD