Vulnerability CVE-2013-4159

Vulnerability Name:

CVE-2013-4159 (CCN-102917)

Assigned:

2013-08-14

Published:

2013-08-14

Updated:

2023-02-13

Summary:

CTDB could allow a local attacker to cause an unspecified impact, caused by temporary files are created insecurely by multiple components. A local attacker could exploit this vulnerability to cause an unspecified impact.

CVSS v3 Severity:

4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Consequences:

Informational

References:

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: MITRE
Type: CNA
CVE-2013-4159

Source: CCN
Type: openSUSE Web site
ctdb: Upgrade to version 2.3 to fix one security issue

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Red Hat Bugzilla - Bug 98677
ctdb: /tmp file vulnerability issues

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: CTDB Web site
Welcome to the CTDB web pages

Source: XF
Type: UNKNOWN
ctdb-cve20134159-unspec(102917)

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:9140	P	Security update for libvirt (Important)	2022-01-11
oval:org.opensuse.security:def:26219	P	Security update for apache2 (Important) (in QA)	2022-01-10
oval:org.opensuse.security:def:10195	P	Security update for p11-kit (Important)	2021-12-22
oval:org.opensuse.security:def:9072	P	Security update for MozillaFirefox (Important)	2021-12-10
oval:org.opensuse.security:def:9064	P	Security update for poppler (Important)	2021-12-01
oval:org.opensuse.security:def:20134159	V	CVE-2013-4159	2021-11-06
oval:org.opensuse.security:def:26138	P	Security update for python-urllib3 (Moderate)	2021-09-29
oval:org.opensuse.security:def:9393	P	Security update for xerces-c (Important)	2021-09-02
oval:org.opensuse.security:def:9385	P	Security update for djvulibre (Important)	2021-08-20
oval:org.opensuse.security:def:9374	P	Security update for MozillaFirefox (Important)	2021-08-17
oval:org.opensuse.security:def:9372	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:9363	P	Security update for sqlite3 (Important)	2021-07-14
oval:org.opensuse.security:def:9359	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:9544	P	Security update for ovmf (Important)	2021-06-25
oval:org.opensuse.security:def:9535	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:36385	P	ctdb-devel-1.0.114.6-0.11.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:15557	P	ctdb-devel-2.5.3-4.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:15729	P	ctdb-devel-2.5.5-1.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:9321	P	Security update for java-11-openjdk (Important)	2021-05-11
oval:org.opensuse.security:def:9312	P	Security update for MozillaFirefox (Important)	2021-04-29
oval:org.opensuse.security:def:9493	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:28960	P	Security update for sudo (Important)	2021-03-24
oval:org.opensuse.security:def:9468	P	Security update for openssl-1_0_0 (Moderate)	2021-03-11
oval:org.opensuse.security:def:10217	P	Security update for openldap2 (Important)	2021-03-08
oval:org.opensuse.security:def:9094	P	Security update for rpmlint (Moderate)	2021-03-01
oval:org.opensuse.security:def:9557	P	Security update for MozillaFirefox (Important)	2021-01-29
oval:org.opensuse.security:def:9236	P	Security update for gcc10, nvptx-tools (Moderate)	2020-12-04
oval:org.opensuse.security:def:28225	P	Security update for libsndfile (Moderate)	2020-12-01
oval:org.opensuse.security:def:26564	P	gzip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9221	P	perl-Tk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26609	P	libxslt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26710	P	gnome-screensaver on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27621	P	Security update for gtk2	2020-12-01
oval:org.opensuse.security:def:25946	P	Security update for gnome-shell (Low)	2020-12-01
oval:org.opensuse.security:def:28123	P	Security update for gtk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27716	P	Security update for ctdb	2020-12-01
oval:org.opensuse.security:def:26267	P	Security update for xawtv (Moderate)	2020-12-01
oval:org.opensuse.security:def:26360	P	Security update for MozillaThunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:9187	P	libz1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28278	P	Security update for mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:26471	P	Security update for Mozilla Thunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:26652	P	xorg-x11 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9244	P	rpcbind on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26897	P	freeradius-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25935	P	Security update for libcares2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:10023	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:27888	P	Security update for rubygem-rack-ssl	2020-12-01
oval:org.opensuse.security:def:27043	P	tar on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26613	P	mono-core on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26279	P	Security update for gimp (Low)	2020-12-01
oval:org.opensuse.security:def:9296	P	xorg-x11-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28995	P	Security update for ctdb	2020-12-01
oval:org.opensuse.security:def:27545	P	python-imaging on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26693	P	evolution-data-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27348	P	libsnmp15-openssl1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27749	P	Security update for FUSE	2020-12-01
oval:org.opensuse.security:def:26985	P	logrotate on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26010	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:28176	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26268	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:26511	P	Security update for icingaweb2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:9202	P	openslp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28322	P	Security update for perl (Moderate)	2020-12-01
oval:org.opensuse.security:def:26552	P	g3utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26666	P	amavisd-new on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9266	P	syslog-service on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26946	P	libecpg6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27557	P	rubygem-activesupport-3_2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10045	P	ctdb-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27972	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:27681	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:26276	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:28264	P	Security update for mercurial (Moderate)	2020-12-01
oval:org.opensuse.security:def:26343	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:27546	P	python-logilab-common on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26844	P	xorg-x11-Xvnc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27383	P	ctdb-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25934	P	Security update for the Linux kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27831	P	Security update for lxc	2020-12-01
oval:org.opensuse.security:def:26999	P	openCryptoki on GA media (Moderate)	2020-12-01
oval:com.ubuntu.precise:def:20134159000	V	CVE-2013-4159 on Ubuntu 12.04 LTS (precise) - low.	2014-08-06
oval:com.ubuntu.trusty:def:20134159000	V	CVE-2013-4159 on Ubuntu 14.04 LTS (trusty) - low.	2014-08-06

BACK