Описание
PackStack 2012.2.3 in Red Hat OpenStack Essex and Folsom can create the answer file in insecure directories such as /tmp or the current working directory, which allows local users to modify deployed systems by changing this file.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenStack Platform 2.1 | openstack-packstack | Affected | ||
| OpenStack Folsom for RHEL 6 | openstack-packstack | Fixed | RHSA-2013:0671 | 21.03.2013 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=917904packstack: answerfile creation permissions issue
4.4 Medium
CVSS2
Связанные уязвимости
nvd
почти 13 лет назад
PackStack 2012.2.3 in Red Hat OpenStack Essex and Folsom can create the answer file in insecure directories such as /tmp or the current working directory, which allows local users to modify deployed systems by changing this file.
github
больше 3 лет назад
PackStack 2012.2.3 in Red Hat OpenStack Essex and Folsom can create the answer file in insecure directories such as /tmp or the current working directory, which allows local users to modify deployed systems by changing this file.
4.4 Medium
CVSS2