Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.3
CVSSv2

CVE-2013-4392

Published: 28/10/2013 Updated: 31/01/2022
CVSS v2 Base Score: 3.3 | Impact Score: 4.9 | Exploitability Score: 3.4
VMScore: 295
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:N
Subscribe to Systemd

Vulnerability Summary

systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

systemd project systemd

Vendor Advisories

Debian CVElist Bug Report Logs: CVE-2013-4392: TOCTOU race condition when updating file permissions and SELinux security contexts
Debian Bug report logs - #725357 CVE-2013-4392: TOCTOU race condition when updating file permissions and SELinux security contexts Package: systemd; Maintainer for systemd is Debian systemd Maintainers <pkg-systemd-maintainers@listsaliothdebianorg>; Source for systemd is src:systemd (PTS, buildd, popcon) Reported by: Mori ...
Red Hat: CVE-2013-4392
systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files ...

Github Repositories

https://github.com/mchmarny/vimp

Compare data from multiple vulnerability scanners to get a more complete picture of potential exposures.

vimp Compare data from multiple vulnerability scanners to get a more complete picture of potential exposures vimp CLI currently supports output from common open source vulnerability scanners like grype, snyk, and trivy The CLI also comes with an embedded data store (sqlite) and support for other databases, like BigQuery Alternatively, vimp can also output to local file (JSON

https://github.com/mchmarny/vulctl

Compare data from multiple vulnerability scanners to get a more complete picture of potential exposures.

vimp Compare data from multiple vulnerability scanners to get a more complete picture of potential exposures vimp CLI currently supports output from common open source vulnerability scanners like grype, snyk, and trivy The CLI also comes with an embedded data store (sqlite) and support for other databases, like BigQuery Alternatively, vimp can also output to local file (JSON

References

CWE-59http://www.openwall.com/lists/oss-security/2013/10/01/9https://bugzilla.redhat.com/show_bug.cgi?id=859060http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357https://nvd.nist.govhttps://github.com/mchmarny/vimphttps://access.redhat.com/security/cve/cve-2013-4392
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook