Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-2007

Опубликовано: 06 мая 2013
Источник: redhat
CVSS2: 6.2
EPSS Низкий

Описание

The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.

Отчет

This issue does not affect the kvm package as shipped with Red Hat Enterprise Linux 5. This issue does not affect the xen package as shipped with Red Hat Enterprise Linux 5. This issue does affect the qemu-kvm package as shipped with Red Hat Enterprise Linux 6. Future qemu-kvm updates in Red Hat Enterprise Linux 6 may address this flaw. Please note that due to differences in upstream and Red Hat Enterprise Linux 6 versions of qemu guest agent this issue has lower security impact on systems running Red Hat Enterprise Linux 6.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmNot affected
Red Hat Enterprise Linux 5virtio-winNot affected
Red Hat Enterprise Linux 5xenNot affected
Red Hat Enterprise Linux 6virtio-winNot affected
Red Hat Enterprise Linux 7qemu-kvmNot affected
Red Hat Enterprise Linux Extended Update Support 6.4qemu-kvmAffected
Red Hat OpenStack Platform 3qemu-kvm-rhevNot affected
Red Hat Enterprise Linux 6qemu-kvmFixedRHSA-2013:089603.06.2013

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=956082qemu: guest agent creates files with insecure permissions in deamon mode

EPSS

Процентиль: 8%
0.00034
Низкий

6.2 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-2007

ubuntu
больше 12 лет назад

The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.

nvd логотип

CVE-2013-2007

nvd
больше 12 лет назад

The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.

debian логотип

CVE-2013-2007

debian
больше 12 лет назад

The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when s ...

github логотип

GHSA-qf79-fpj8-8m3g

github
больше 3 лет назад

The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.

oracle-oval логотип

ELSA-2013-0896

oracle-oval
около 12 лет назад

ELSA-2013-0896: qemu-kvm security and bug fix update (MODERATE)

EPSS

Процентиль: 8%
0.00034
Низкий

6.2 Medium

CVSS2