CVE-2012-0786

Опубликовано: 11 авг. 2012

Источник: redhat

CVSS2: 3.3

Описание

The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat OpenStack Platform 3	augeas	Affected
Red Hat Enterprise Linux 6	augeas	Fixed	RHSA-2013:1537	20.11.2013
Red Hat Storage 3 for RHEL 6	augeas	Fixed	RHSA-2013:1537	20.11.2013
RHEV 3.X Hypervisor and Agents for RHEL-6	augeas	Fixed	RHSA-2013:1537	20.11.2013

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=772257augeas: susceptible to symlink attack

3.3 Low

CVSS2

Связанные уязвимости

CVE-2012-0786

ubuntu

почти 12 лет назад

The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file.

CVE-2012-0786

nvd

почти 12 лет назад

The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file.

CVE-2012-0786

debian

почти 12 лет назад

The transform_save function in transform.c in Augeas before 1.0.0 allo ...

GHSA-v2f6-mg42-536m

github

больше 3 лет назад

The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file.

ELSA-2013-1537

oracle-oval

больше 11 лет назад

ELSA-2013-1537: augeas security, bug fix, and enhancement update (LOW)

3.3 Low

CVSS2