CVE-2012-2690

Published Jun 29, 2012
Last updated 7 years ago
CVSS info 2.1
Overview

Description: virt-edit in libguestfs before 1.18.0 does not preserve the permissions from the original file and saves the new file with world-readable permissions when editing, which might allow local guest users to obtain sensitive information.
Source: secalert@redhat.com
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N
Weaknesses

nvd@nist.gov: CWE-255
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77042966-6B71-4BB0-988A-4F3970F4AA4B",
            "versionEndIncluding": "1.17.43"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04515F8E-5A27-4381-B7B7-AADAE47D671E"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D278A56B-B56C-4165-949B-C25FF949ACBC"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9E0BD26-E67F-47FF-B084-B8E9600E27E2"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33A37E2A-DFF4-44B8-A237-D5BFA1E66CFA"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4407B571-7927-4D6D-9854-4B689AE51E1A"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C528DB0A-7E43-4442-A0F0-020ED86B40AE"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19A03D60-1AA5-4BE4-9A17-ECC5480F3B55"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "690F95BA-DF60-451C-9444-BDB2AA1BCE3C"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56E42608-CF94-42F5-81CC-869C49E16F25"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4537FB10-6DA6-420F-A92F-64B87A9EFCF2"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC432530-78E4-4661-ACE1-4DDE24865BA0"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D64DEF3A-E7FF-497C-9ACC-888C92AA0F77"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04429F65-00DD-4A1C-8494-AEAE1E59C909"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D7FBC09-D65D-45F6-8415-782A44C3BEF8"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B5476BB-4A8A-4FF7-8E98-6A36A71EED9C"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01C33E77-3452-45DF-94D7-F582FEF9FC27"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "788A9046-8C39-4E73-BE43-37CD6DB5C00C"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEB97203-5931-4227-B2F0-4E8ADF9AB4F6"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A96D4FC-A451-4826-8687-85AD782B2CA2"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "009E47DF-6663-471E-8F53-684EE73A37F5"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC2FB7D6-0E16-4AEA-B01F-9FAF420E8BC6"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FEE5AD8-C3CD-42C8-8FE9-124BD31E9F06"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2660643-C9BC-4C46-B9AB-ED026FDFDBD2"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A9C99B3-5696-4370-80BA-5D3E4E997D49"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C05F55E2-06F7-400D-8E4A-267F2F9E3231"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA0238BB-79F8-487A-8451-A4CF6E54CDE8"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.16.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10D40F9C-1C7C-43AB-9512-844B65F9BE09"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1C25264-F591-487F-A6A0-6A10091EBBD2"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A11F90A-729A-4152-9829-F98E55056198"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A649D17E-3F18-4457-9D37-DE5794F52D63"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BECC2472-1C8B-4910-987B-37E0E76F2A9F"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3C46FEC-6B24-4848-B2F3-D190A2C27797"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F923948-F8E4-4DFC-AD6A-E0334C36D5F1"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5FF2B7A-7EF3-40B2-BAFE-73AED2F9B420"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D98CCD0B-A7DF-4D96-BE0D-9C3A77784862"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C79A4E05-93BE-4D6A-AFBD-158509F05F18"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD9603FA-FBEB-4FAC-90D8-199AF6195BCF"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9DD9D28E-E8A0-401F-9813-5FA4652322FA"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C17AFE4E-83AA-47FB-B8DB-9BD3B8460EA0"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8676D4D8-86A4-4BDF-9936-E6A3A75E95D4"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C776C88-7352-4EC3-8C98-D3CE62D73228"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B756B1B-7357-4DEB-9B64-D54A79D9B041"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1632AF2-7D5B-4972-8D6B-D71BE964CB12"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAC41158-D865-4EA8-8AEE-A58A386E3BD7"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87C64452-10CA-4B19-9B35-A65D0D12CD1B"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E25674C8-966F-40DE-B874-B64E44670030"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7AE20AFA-1206-4D74-B3FA-54AC85AB5F19"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6393B4A7-75B3-432F-907B-827E70AE6E42"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6B472A5-2939-48AB-B70A-049B77E1D9BD"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5DF8FF77-8B2F-4C94-A410-AD9041555200"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96F422AD-045F-4551-8F1F-592AA0790063"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80225C95-1C57-47A7-86DD-AEF853F3C42F"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E92E60EA-F503-4A93-9DC3-FF7CD739C675"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5880437-9C95-4551-8A41-B72C6ABAC4D3"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.27:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39456795-F23E-4395-9672-ED543714BBD0"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.28:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20BC7CC0-7A1B-47EE-8BC4-819E7D0ECEF9"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.29:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FC526CB-9355-4136-BF5E-7D4539B37A8A"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "901ABE27-B8B5-4C7A-8840-DE7755470503"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAB081F2-D5FE-415B-8055-207716153EC1"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.32:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27D4F1CF-AAA8-451A-A8D3-A9BC7DC4B76D"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.33:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAC716C8-7C76-4556-8424-30C7FD0E7600"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A7F8070-3F20-4AA9-A127-11713F5285DD"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.35:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29CF4E43-ACFD-4CC2-ACA9-BB60BF241794"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.36:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7167DDD4-E322-4C46-93E3-C3A9B6BEF96C"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.37:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63CA35DE-EC4D-4642-A7F1-049CF888D57D"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.38:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F73D4FDA-B905-43CF-9F7B-B80C09FEF79C"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.39:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "15153731-A1E9-4A6E-84B3-363AAD6B9DF8"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BFF89A01-FC64-4514-916E-0749EC68F6E3"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.41:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "937BBF4B-4809-4EE8-AE4F-D1FE12B532FE"
          },
          {
            "criteria": "cpe:2.3:a:libguestfs:libguestfs:1.17.42:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67FF7B70-98D6-40CC-806D-0169CEBB9929"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
