ctdb before 2.3 in OpenSUSE 12.3 and 13.1 does not create temporary files securely, which has unspecified impact related to "several temp file vulnerabilities" in (1) tcp/tcp_connect.c, (2) server/eventscript.c, (3) tools/ctdb_diagnostics, (4) config/gdb_backtrace, and (5) include/ctdb_private.h.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Ctdb Project
  • Ctdb
Mageia
  • Mageia
Opensuse
  • Opensuse

Configuration 1 [-]

OR cpe:2.3:a:ctdb_project:ctdb:*:*:*:*:*:*:*:*
cpe:2.3:a:ctdb_project:ctdb:2.0:*:*:*:*:*:*:*
cpe:2.3:a:ctdb_project:ctdb:2.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:mageia:mageia:3.0:*:*:*:*:*:*:*
cpe:2.3:o:mageia:mageia:4.0:*:*:*:*:*:*:*

No data.

References
Link Providers
http://advisories.mageia.org/MGASA-2014-0274.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-updates/2014-06/msg00052.html cve-icon cve-icon
http://wiki.samba.org/index.php/CTDB2releaseNotes#ctdb_2.5 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2015:177 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2014/05/29/12 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=986773 cve-icon cve-icon
https://git.samba.org/?p=ctdb.git%3Ba=commitdiff%3Bh=b9b9f6738fba5c32e87cb9c36b358355b444fb9b cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2013-4159 cve-icon
https://www.cve.org/CVERecord?id=CVE-2013-4159 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2014-08-06T18:00:00

Updated: 2024-08-06T16:30:50.054Z

Reserved: 2013-06-12T00:00:00

Link: CVE-2013-4159

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-08-06T18:55:05.620

Modified: 2024-11-21T01:54:59.477

Link: CVE-2013-4159

cve-icon Redhat

Severity : Low

Publid Date: 2013-10-30T00:00:00Z

Links: CVE-2013-4159 - Bugzilla