CVE-2013-4159
Published Aug 6, 2014
Last updated 2 years ago
Overview
- Description
- ctdb before 2.3 in OpenSUSE 12.3 and 13.1 does not create temporary files securely, which has unspecified impact related to "several temp file vulnerabilities" in (1) tcp/tcp_connect.c, (2) server/eventscript.c, (3) tools/ctdb_diagnostics, (4) config/gdb_backtrace, and (5) include/ctdb_private.h.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ctdb_project:ctdb:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D38E7DA-DFA8-4D25-95C8-7C5E7CC1A9A4",
"versionEndIncluding": "2.2"
},
{
"criteria": "cpe:2.3:a:ctdb_project:ctdb:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8860AFB4-FE94-4AEC-9B05-C0EFEA6FACDD"
},
{
"criteria": "cpe:2.3:a:ctdb_project:ctdb:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E1817A70-63B5-456C-81A5-D8D6C83EFC91"
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668"
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "76F1E356-E019-47E8-AA5F-702DA93CF74E"
},
{
"criteria": "cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F805A106-9A6F-48E7-8582-D3C5A26DFC11"
}
],
"operator": "OR"
}
]
}
]