CVE-2013-4157

Red Hat Storage 2.0 allows local users to overwrite arbitrary files via a symlink attack on the (1) e, (2) local-bricks.list, (3) bricks.err, or (4) limits.conf files in /tmp.
Configurations

Configuration 1 (hide)

cpe:2.3:a:redhat:storage_server:2.0:*:*:*:*:*:*:*

History

21 Nov 2024, 01:54

Type Values Removed Values Added
References () http://rhn.redhat.com/errata/RHSA-2013-1205.html - Vendor Advisory () http://rhn.redhat.com/errata/RHSA-2013-1205.html - Vendor Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=986516 - Patch, Vendor Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=986516 - Patch, Vendor Advisory

Information

Published : 2013-10-04 17:55

Updated : 2024-11-21 01:54


NVD link : CVE-2013-4157

Mitre link : CVE-2013-4157

CVE.ORG link : CVE-2013-4157


JSON object : View

Products Affected

redhat

  • storage_server
CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')