Описание
Untrusted search path vulnerability in maas-import-pxe-files in MAAS before 13.10 allows local users to execute arbitrary code via a Trojan horse import_pxe_files configuration file in the current working directory.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Exploit
- Vendor Advisory
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
Конфигурация 2Версия до 12.04.4 (включая)
Одно из
cpe:2.3:a:canonical:maas:*:*:*:*:*:*:*:*
cpe:2.3:a:canonical:maas:12.04.1:*:*:*:*:*:*:*
cpe:2.3:a:canonical:maas:12.04.2:*:*:*:*:*:*:*
cpe:2.3:a:canonical:maas:12.04.3:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00097
Низкий
4.4 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
ubuntu
около 12 лет назад
Untrusted search path vulnerability in maas-import-pxe-files in MAAS before 13.10 allows local users to execute arbitrary code via a Trojan horse import_pxe_files configuration file in the current working directory.
github
больше 3 лет назад
Untrusted search path vulnerability in maas-import-pxe-files in MAAS before 13.10 allows local users to execute arbitrary code via a Trojan horse import_pxe_files configuration file in the current working directory.
EPSS
Процентиль: 27%
0.00097
Низкий
4.4 Medium
CVSS2
Дефекты
CWE-20