Vulnerability-Lookup

CVE-2013-4482 (GCVE-0-2013-4482)

Vulnerability from cvelistv5 – Published: 2013-11-23 11:00 – Updated: 2024-08-06 16:45

Summary

Untrusted search path vulnerability in python-paste-script (aka paster) in Luci 0.26.0, when started using the initscript, allows local users to gain privileges via a Trojan horse .egg-info file in the (1) current working directory or (2) its parent directories.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

FKIE_CVE-2013-4482

Vulnerability from fkie_nvd - Published: 2013-11-23 11:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2013-1603.html	Vendor Advisory
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=990321
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1603.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=990321

Impacted products

	Vendor	Product	Version
	scientificlinux	luci	0.26.0
	redhat	enterprise_linux	6.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:scientificlinux:luci:0.26.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2283AAF-A541-4E4D-8517-D94FAFF3E8EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Untrusted search path vulnerability in python-paste-script (aka paster) in Luci 0.26.0, when started using the initscript, allows local users to gain privileges via a Trojan horse .egg-info file in the (1) current working directory or (2) its parent directories."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ruta de b\u00fasqueda no confiable en python-paste-script (tambi\u00e9n conocido como paster) en Luci 0.26.0, cuando se comienza a usar el initscript, permite a usuarios locales obtener privilegios a trav\u00e9s de un caballo de troya en el archivo .egg-info en el (1) directorio de trabajo actual o (2) sus directorios padres."
    }
  ],
  "evaluatorComment": "http://cwe.mitre.org/data/definitions/426.html\n\n\"CWE-426: Untrusted Search Path\"",
  "id": "CVE-2013-4482",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-11-23T11:55:04.693",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1603.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=990321"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1603.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=990321"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

RHSA-2013:1603

Vulnerability from csaf_redhat - Published: 2013-11-20 19:34 - Updated: 2025-11-21 17:46

Summary

Red Hat Security Advisory: luci security, bug fix, and enhancement update

Notes

Topic

Updated luci packages that fix two security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Details

Luci is a web-based high availability administration application. A flaw was found in the way the luci service was initialized. If a system administrator started the luci service from a directory that was writable to by a local user, that user could use this flaw to execute arbitrary code as the root or luci user. (CVE-2013-4482) A flaw was found in the way luci generated its configuration file. The file was created as world readable for a short period of time, allowing a local user to gain access to the authentication secrets stored in the configuration file. (CVE-2013-4481) These issues were discovered by Jan Pokorný of Red Hat. These updated luci packages include numerous bug fixes and two enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.5 Technical Notes, linked to in the References, for information on the most significant of these changes. All luci users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements. After installing this update, the luci service will be restarted automatically.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated luci packages that fix two security issues, several bugs, and add\ntwo enhancements are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Luci is a web-based high availability administration application.\n\nA flaw was found in the way the luci service was initialized. If a system\nadministrator started the luci service from a directory that was writable\nto by a local user, that user could use this flaw to execute arbitrary code\nas the root or luci user. (CVE-2013-4482)\n\nA flaw was found in the way luci generated its configuration file. The file\nwas created as world readable for a short period of time, allowing a local\nuser to gain access to the authentication secrets stored in the\nconfiguration file. (CVE-2013-4481)\n\nThese issues were discovered by Jan Pokorn\u00fd of Red Hat.\n\nThese updated luci packages include numerous bug fixes and two\nenhancements. Space precludes documenting all of these changes in this\nadvisory. Users are directed to the Red Hat Enterprise Linux 6.5 Technical\nNotes, linked to in the References, for information on the most significant\nof these changes.\n\nAll luci users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add these\nenhancements. After installing this update, the luci service will be\nrestarted automatically.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2013:1603",
        "url": "https://access.redhat.com/errata/RHSA-2013:1603"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.5_Technical_Notes/luci.html#RHSA-2013-1603",
        "url": "https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.5_Technical_Notes/luci.html#RHSA-2013-1603"
      },
      {
        "category": "external",
        "summary": "878149",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=878149"
      },
      {
        "category": "external",
        "summary": "880363",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=880363"
      },
      {
        "category": "external",
        "summary": "883008",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883008"
      },
      {
        "category": "external",
        "summary": "886517",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=886517"
      },
      {
        "category": "external",
        "summary": "886576",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=886576"
      },
      {
        "category": "external",
        "summary": "917747",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=917747"
      },
      {
        "category": "external",
        "summary": "988998",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=988998"
      },
      {
        "category": "external",
        "summary": "990321",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=990321"
      },
      {
        "category": "external",
        "summary": "1001835",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1001835"
      },
      {
        "category": "external",
        "summary": "1001836",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1001836"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1603.json"
      }
    ],
    "title": "Red Hat Security Advisory: luci security, bug fix, and enhancement update",
    "tracking": {
      "current_release_date": "2025-11-21T17:46:01+00:00",
      "generator": {
        "date": "2025-11-21T17:46:01+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2013:1603",
      "initial_release_date": "2013-11-20T19:34:00+00:00",
      "revision_history": [
        {
          "date": "2013-11-20T19:34:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2013-11-20T19:39:24+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:46:01+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux High Availability (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux High Availability (v. 6)",
                  "product_id": "6Server-HighAvailability",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Resilient Storage (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Resilient Storage (v. 6)",
                  "product_id": "6Server-ResilientStorage",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "luci-debuginfo-0:0.26.0-48.el6.x86_64",
                "product": {
                  "name": "luci-debuginfo-0:0.26.0-48.el6.x86_64",
                  "product_id": "luci-debuginfo-0:0.26.0-48.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/luci-debuginfo@0.26.0-48.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "luci-0:0.26.0-48.el6.x86_64",
                "product": {
                  "name": "luci-0:0.26.0-48.el6.x86_64",
                  "product_id": "luci-0:0.26.0-48.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/luci@0.26.0-48.el6?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "luci-debuginfo-0:0.26.0-48.el6.i686",
                "product": {
                  "name": "luci-debuginfo-0:0.26.0-48.el6.i686",
                  "product_id": "luci-debuginfo-0:0.26.0-48.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/luci-debuginfo@0.26.0-48.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "luci-0:0.26.0-48.el6.i686",
                "product": {
                  "name": "luci-0:0.26.0-48.el6.i686",
                  "product_id": "luci-0:0.26.0-48.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/luci@0.26.0-48.el6?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "luci-0:0.26.0-48.el6.src",
                "product": {
                  "name": "luci-0:0.26.0-48.el6.src",
                  "product_id": "luci-0:0.26.0-48.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/luci@0.26.0-48.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "luci-0:0.26.0-48.el6.i686 as a component of Red Hat Enterprise Linux High Availability (v. 6)",
          "product_id": "6Server-HighAvailability:luci-0:0.26.0-48.el6.i686"
        },
        "product_reference": "luci-0:0.26.0-48.el6.i686",
        "relates_to_product_reference": "6Server-HighAvailability"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "luci-0:0.26.0-48.el6.src as a component of Red Hat Enterprise Linux High Availability (v. 6)",
          "product_id": "6Server-HighAvailability:luci-0:0.26.0-48.el6.src"
        },
        "product_reference": "luci-0:0.26.0-48.el6.src",
        "relates_to_product_reference": "6Server-HighAvailability"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "luci-0:0.26.0-48.el6.x86_64 as a component of Red Hat Enterprise Linux High Availability (v. 6)",
          "product_id": "6Server-HighAvailability:luci-0:0.26.0-48.el6.x86_64"
        },
        "product_reference": "luci-0:0.26.0-48.el6.x86_64",
        "relates_to_product_reference": "6Server-HighAvailability"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "luci-debuginfo-0:0.26.0-48.el6.i686 as a component of Red Hat Enterprise Linux High Availability (v. 6)",
          "product_id": "6Server-HighAvailability:luci-debuginfo-0:0.26.0-48.el6.i686"
        },
        "product_reference": "luci-debuginfo-0:0.26.0-48.el6.i686",
        "relates_to_product_reference": "6Server-HighAvailability"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "luci-debuginfo-0:0.26.0-48.el6.x86_64 as a component of Red Hat Enterprise Linux High Availability (v. 6)",
          "product_id": "6Server-HighAvailability:luci-debuginfo-0:0.26.0-48.el6.x86_64"
        },
        "product_reference": "luci-debuginfo-0:0.26.0-48.el6.x86_64",
        "relates_to_product_reference": "6Server-HighAvailability"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "luci-0:0.26.0-48.el6.i686 as a component of Red Hat Enterprise Linux Resilient Storage (v. 6)",
          "product_id": "6Server-ResilientStorage:luci-0:0.26.0-48.el6.i686"
        },
        "product_reference": "luci-0:0.26.0-48.el6.i686",
        "relates_to_product_reference": "6Server-ResilientStorage"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "luci-0:0.26.0-48.el6.src as a component of Red Hat Enterprise Linux Resilient Storage (v. 6)",
          "product_id": "6Server-ResilientStorage:luci-0:0.26.0-48.el6.src"
        },
        "product_reference": "luci-0:0.26.0-48.el6.src",
        "relates_to_product_reference": "6Server-ResilientStorage"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "luci-0:0.26.0-48.el6.x86_64 as a component of Red Hat Enterprise Linux Resilient Storage (v. 6)",
          "product_id": "6Server-ResilientStorage:luci-0:0.26.0-48.el6.x86_64"
        },
        "product_reference": "luci-0:0.26.0-48.el6.x86_64",
        "relates_to_product_reference": "6Server-ResilientStorage"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "luci-debuginfo-0:0.26.0-48.el6.i686 as a component of Red Hat Enterprise Linux Resilient Storage (v. 6)",
          "product_id": "6Server-ResilientStorage:luci-debuginfo-0:0.26.0-48.el6.i686"
        },
        "product_reference": "luci-debuginfo-0:0.26.0-48.el6.i686",
        "relates_to_product_reference": "6Server-ResilientStorage"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "luci-debuginfo-0:0.26.0-48.el6.x86_64 as a component of Red Hat Enterprise Linux Resilient Storage (v. 6)",
          "product_id": "6Server-ResilientStorage:luci-debuginfo-0:0.26.0-48.el6.x86_64"
        },
        "product_reference": "luci-debuginfo-0:0.26.0-48.el6.x86_64",
        "relates_to_product_reference": "6Server-ResilientStorage"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Jan Pokorn\u00fd"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2013-4481",
      "discovery_date": "2013-07-26T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "988998"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the way luci generated its configuration file. The file was created as world readable for a short period of time, allowing a local user to gain access to the authentication secrets stored in the configuration file.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "luci: short exposure of authentication secrets while generating configuration file",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-HighAvailability:luci-0:0.26.0-48.el6.i686",
          "6Server-HighAvailability:luci-0:0.26.0-48.el6.src",
          "6Server-HighAvailability:luci-0:0.26.0-48.el6.x86_64",
          "6Server-HighAvailability:luci-debuginfo-0:0.26.0-48.el6.i686",
          "6Server-HighAvailability:luci-debuginfo-0:0.26.0-48.el6.x86_64",
          "6Server-ResilientStorage:luci-0:0.26.0-48.el6.i686",
          "6Server-ResilientStorage:luci-0:0.26.0-48.el6.src",
          "6Server-ResilientStorage:luci-0:0.26.0-48.el6.x86_64",
          "6Server-ResilientStorage:luci-debuginfo-0:0.26.0-48.el6.i686",
          "6Server-ResilientStorage:luci-debuginfo-0:0.26.0-48.el6.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2013-4481"
        },
        {
          "category": "external",
          "summary": "RHBZ#988998",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=988998"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4481",
          "url": "https://www.cve.org/CVERecord?id=CVE-2013-4481"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4481",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4481"
        }
      ],
      "release_date": "2013-11-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2013-11-20T19:34:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
          "product_ids": [
            "6Server-HighAvailability:luci-0:0.26.0-48.el6.i686",
            "6Server-HighAvailability:luci-0:0.26.0-48.el6.src",
            "6Server-HighAvailability:luci-0:0.26.0-48.el6.x86_64",
            "6Server-HighAvailability:luci-debuginfo-0:0.26.0-48.el6.i686",
            "6Server-HighAvailability:luci-debuginfo-0:0.26.0-48.el6.x86_64",
            "6Server-ResilientStorage:luci-0:0.26.0-48.el6.i686",
            "6Server-ResilientStorage:luci-0:0.26.0-48.el6.src",
            "6Server-ResilientStorage:luci-0:0.26.0-48.el6.x86_64",
            "6Server-ResilientStorage:luci-debuginfo-0:0.26.0-48.el6.i686",
            "6Server-ResilientStorage:luci-debuginfo-0:0.26.0-48.el6.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2013:1603"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 1.9,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "products": [
            "6Server-HighAvailability:luci-0:0.26.0-48.el6.i686",
            "6Server-HighAvailability:luci-0:0.26.0-48.el6.src",
            "6Server-HighAvailability:luci-0:0.26.0-48.el6.x86_64",
            "6Server-HighAvailability:luci-debuginfo-0:0.26.0-48.el6.i686",
            "6Server-HighAvailability:luci-debuginfo-0:0.26.0-48.el6.x86_64",
            "6Server-ResilientStorage:luci-0:0.26.0-48.el6.i686",
            "6Server-ResilientStorage:luci-0:0.26.0-48.el6.src",
            "6Server-ResilientStorage:luci-0:0.26.0-48.el6.x86_64",
            "6Server-ResilientStorage:luci-debuginfo-0:0.26.0-48.el6.i686",
            "6Server-ResilientStorage:luci-debuginfo-0:0.26.0-48.el6.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "luci: short exposure of authentication secrets while generating configuration file"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Jan Pokorn\u00fd"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2013-4482",
      "discovery_date": "2013-07-30T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "990321"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the way the luci service was initialized. If a system administrator started the luci service from a directory that was writable to by a local user, that user could use this flaw to execute arbitrary code as the root or luci user.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "luci: paster hidden untrusted path and \"command\" (callable association) injection",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-HighAvailability:luci-0:0.26.0-48.el6.i686",
          "6Server-HighAvailability:luci-0:0.26.0-48.el6.src",
          "6Server-HighAvailability:luci-0:0.26.0-48.el6.x86_64",
          "6Server-HighAvailability:luci-debuginfo-0:0.26.0-48.el6.i686",
          "6Server-HighAvailability:luci-debuginfo-0:0.26.0-48.el6.x86_64",
          "6Server-ResilientStorage:luci-0:0.26.0-48.el6.i686",
          "6Server-ResilientStorage:luci-0:0.26.0-48.el6.src",
          "6Server-ResilientStorage:luci-0:0.26.0-48.el6.x86_64",
          "6Server-ResilientStorage:luci-debuginfo-0:0.26.0-48.el6.i686",
          "6Server-ResilientStorage:luci-debuginfo-0:0.26.0-48.el6.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2013-4482"
        },
        {
          "category": "external",
          "summary": "RHBZ#990321",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=990321"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4482",
          "url": "https://www.cve.org/CVERecord?id=CVE-2013-4482"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4482",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4482"
        }
      ],
      "release_date": "2013-11-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2013-11-20T19:34:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
          "product_ids": [
            "6Server-HighAvailability:luci-0:0.26.0-48.el6.i686",
            "6Server-HighAvailability:luci-0:0.26.0-48.el6.src",
            "6Server-HighAvailability:luci-0:0.26.0-48.el6.x86_64",
            "6Server-HighAvailability:luci-debuginfo-0:0.26.0-48.el6.i686",
            "6Server-HighAvailability:luci-debuginfo-0:0.26.0-48.el6.x86_64",
            "6Server-ResilientStorage:luci-0:0.26.0-48.el6.i686",
            "6Server-ResilientStorage:luci-0:0.26.0-48.el6.src",
            "6Server-ResilientStorage:luci-0:0.26.0-48.el6.x86_64",
            "6Server-ResilientStorage:luci-debuginfo-0:0.26.0-48.el6.i686",
            "6Server-ResilientStorage:luci-debuginfo-0:0.26.0-48.el6.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2013:1603"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 3.7,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "6Server-HighAvailability:luci-0:0.26.0-48.el6.i686",
            "6Server-HighAvailability:luci-0:0.26.0-48.el6.src",
            "6Server-HighAvailability:luci-0:0.26.0-48.el6.x86_64",
            "6Server-HighAvailability:luci-debuginfo-0:0.26.0-48.el6.i686",
            "6Server-HighAvailability:luci-debuginfo-0:0.26.0-48.el6.x86_64",
            "6Server-ResilientStorage:luci-0:0.26.0-48.el6.i686",
            "6Server-ResilientStorage:luci-0:0.26.0-48.el6.src",
            "6Server-ResilientStorage:luci-0:0.26.0-48.el6.x86_64",
            "6Server-ResilientStorage:luci-debuginfo-0:0.26.0-48.el6.i686",
            "6Server-ResilientStorage:luci-debuginfo-0:0.26.0-48.el6.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "luci: paster hidden untrusted path and \"command\" (callable association) injection"
    }
  ]
}

GHSA-F585-5P5J-MVF8

Vulnerability from github – Published: 2022-05-14 01:08 – Updated: 2022-05-14 01:08

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-4482"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-11-23T11:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Untrusted search path vulnerability in python-paste-script (aka paster) in Luci 0.26.0, when started using the initscript, allows local users to gain privileges via a Trojan horse .egg-info file in the (1) current working directory or (2) its parent directories.",
  "id": "GHSA-f585-5p5j-mvf8",
  "modified": "2022-05-14T01:08:28Z",
  "published": "2022-05-14T01:08:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4482"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=990321"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1603.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2013-4482

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2013-4482

Aliases

CVE-2013-4482

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-4482",
    "description": "Untrusted search path vulnerability in python-paste-script (aka paster) in Luci 0.26.0, when started using the initscript, allows local users to gain privileges via a Trojan horse .egg-info file in the (1) current working directory or (2) its parent directories.",
    "id": "GSD-2013-4482",
    "references": [
      "https://access.redhat.com/errata/RHSA-2013:1603"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-4482"
      ],
      "details": "Untrusted search path vulnerability in python-paste-script (aka paster) in Luci 0.26.0, when started using the initscript, allows local users to gain privileges via a Trojan horse .egg-info file in the (1) current working directory or (2) its parent directories.",
      "id": "GSD-2013-4482",
      "modified": "2023-12-13T01:22:16.303770Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2013-4482",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Untrusted search path vulnerability in python-paste-script (aka paster) in Luci 0.26.0, when started using the initscript, allows local users to gain privileges via a Trojan horse .egg-info file in the (1) current working directory or (2) its parent directories."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2013-1603.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1603.html"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=990321",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=990321"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:scientificlinux:luci:0.26.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-4482"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Untrusted search path vulnerability in python-paste-script (aka paster) in Luci 0.26.0, when started using the initscript, allows local users to gain privileges via a Trojan horse .egg-info file in the (1) current working directory or (2) its parent directories."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=990321",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=990321"
            },
            {
              "name": "RHSA-2013:1603",
              "refsource": "REDHAT",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1603.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 1.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2019-04-22T17:48Z",
      "publishedDate": "2013-11-23T11:55Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-4482 (GCVE-0-2013-4482)

FKIE_CVE-2013-4482

RHSA-2013:1603

GHSA-F585-5P5J-MVF8

GSD-2013-4482

Tags

Sightings

Nomenclature