CVE-2013-6435

Published: 16/12/2014 Updated: 13/02/2023
CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9
VMScore: 676
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Summary

Race condition in RPM 4.11.1 and previous versions allows remote malicious users to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory.

Vulnerable Product

rpm rpm 2.3.5

rpm rpm 4.4.2.1

rpm rpm 1.4.3

rpm rpm 3.0.1

rpm rpm 4.1

rpm rpm 2.2.3.11

rpm rpm 4.8.0

rpm rpm 2.4.4

rpm rpm 2.3.8

rpm rpm 2.0.6

rpm rpm 1.4.4

rpm rpm 1.4.2/a

rpm rpm 2.4.1

rpm rpm 2.4.9

rpm rpm 2.6.7

rpm rpm 1.4

rpm rpm 2.0.10

rpm rpm 2.4.5

rpm rpm 4.9.0

rpm rpm 4.0.1

rpm rpm 4.9.1.2

rpm rpm 2.2.11

rpm rpm 4.0.4

rpm rpm 2.2.1

rpm rpm 2.0.1

rpm rpm 1.4.2

rpm rpm 3.0.3

rpm rpm 2.0.7

rpm rpm 4.0.2

rpm rpm 2.2.8

rpm rpm 3.0.2

rpm rpm 4.6.0

rpm rpm 1.2

rpm rpm 4.0.

rpm rpm 2.1.1

rpm rpm 4.3.3

rpm rpm 4.10.0

rpm rpm 2.5.5

rpm rpm 2.0.8

rpm rpm 4.10.1

rpm rpm 4.8.1

rpm rpm 2.3

rpm rpm 4.4.2.2

rpm rpm 2.4.8

rpm rpm 3.0.4

rpm rpm 2.5.6

rpm rpm 2.0

rpm rpm 2.0.2

rpm rpm 2.3.2

rpm rpm 2.4.3

rpm rpm 2.4.2

rpm rpm 1.4.5

rpm rpm 2.0.11

rpm rpm 3.0.5

rpm rpm 1.3

rpm rpm 4.7.2

rpm rpm 4.9.1

rpm rpm 2.2.3

rpm rpm 2.2

rpm rpm

rpm rpm 2.1.2

rpm rpm 2.3.9

rpm rpm 2.2.4

rpm rpm 2.2.9

rpm rpm 2.5.3

rpm rpm 2.2.6

rpm rpm 4.7.0

rpm rpm 2.3.6

rpm rpm 2.5

rpm rpm 2.2.3.10

rpm rpm 4.9.1.1

rpm rpm 2.0.5

rpm rpm 1.4.1

rpm rpm 4.4.2.3

rpm rpm 4.10.2

rpm rpm 2.4.12

rpm rpm 2.5.4

rpm rpm 4.6.1

rpm rpm 1.4.7

rpm rpm 3.0

rpm rpm 1.4.6

rpm rpm 2.5.2

rpm rpm 2.4.11

rpm rpm 2.0.9

rpm rpm 2.1

rpm rpm 2.2.10

rpm rpm 2.3.3

rpm rpm 2.3.7

rpm rpm 2.3.4

rpm rpm 4.7.1

rpm rpm 2.0.4

rpm rpm 1.3.1

rpm rpm 3.0.6

rpm rpm 2.0.3

rpm rpm 2.3.1

rpm rpm 4.0.3

rpm rpm 2.4.6

rpm rpm 4.5.90

rpm rpm 2.5.1

rpm rpm 2.2.5

rpm rpm 2.2.2

rpm rpm 2.2.7

debian debian linux 7.0

Vendor Advisories

Several security issues were fixed in RPM ...
Debian Bug report logs - #773101: CVE-2013-6435 CVE-2014-8118. Package: rpm; Maintainer for rpm is RPM packaging team <team+pkg-rpm@tracker.debian.org>; Source for rpm is src:rpm (PTS, buildd, popcon). Reported by: Moritz Muehlenhoff <jmm@debian.org>. Date: Sun, 14 Dec 2014 10:51:01 UTC. Severity: grave. Tags: patch, secu ...
It was found that RPM could encounter an integer overflow, leading to a stack-based overflow, while parsing a crafted CPIO header in the payload section of an RPM file. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the attacker during package installation (CVE-2014-8118). It was found ...