CVE-2013-6441

Опубликовано: 16 дек. 2013

Источник: redhat

CVSS2: 6

EPSS Низкий

Описание

The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file.

Отчет

This issue did not affect the versions of libvirt (which includes lxc) as shipped with Red Hat Enterprise Linux 6 as they do not include the template file lxc-sshd.in.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	libvirt	Not affected
Red Hat Enterprise Linux 7	libvirt	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1045988lxc: sshd template allow privilege escalation on host

EPSS

Процентиль: 10%

0.00035

Низкий

6 Medium

CVSS2

Связанные уязвимости

CVE-2013-6441

ubuntu

почти 12 лет назад

The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file.

CVE-2013-6441

nvd

почти 12 лет назад

The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file.

CVE-2013-6441

debian

почти 12 лет назад

The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta ...

SUSE-RU-2015:0992-1

suse-cvrf

почти 12 лет назад

Security update for lxc

GHSA-5m9h-29cp-r3fg

github

больше 3 лет назад

The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file.

EPSS

Процентиль: 10%

0.00035

Низкий

6 Medium

CVSS2