CVE-2016-3096

EPSS 0.08%
Published 03.06.2016 14:59:04
Last modified 12.04.2025 10:46:40
Source secalert@redhat.com
Teams watchlist Login
Open Login

The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory.

Affected products Warnungen 0 Metrics 3 CWE 1 References 16

Data is provided by the National Vulnerability Database (NVD)

Fedoraproject ≫ Fedora Version22

Fedoraproject ≫ Fedora Version23

Fedoraproject ≫ Fedora Version24

Redhat ≫ Ansible Version <= 1.9.6

Redhat ≫ Ansible Version2.0

Redhat ≫ Ansible Version2.0.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.236

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-59 Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183103.html

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183132.html

Vendor Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183252.html

Vendor Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183274.html

Vendor Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184175.html

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1322925

Issue Tracking