Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0219

Overview

Vulnerability Score 3.7 3.7
CVE Id CVE-2013-0219
Last Modified 10 Oct 2013 11:48:29
Published 24 Feb 2013 02:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2013-0219

Summary

System Security Services Daemon (SSSD) before 1.9.4, when (1) creating, (2) copying, or (3) removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files.

Vulnerable Systems

Operating System

  • Redhat Enterprise Linux 5

  • Redhat Enterprise Linux 6

Application

  • Fedoraproject Sssd 0.2.1

  • Fedoraproject Sssd 0.3.0

  • Fedoraproject Sssd 0.3.1

  • Fedoraproject Sssd 0.3.2

  • Fedoraproject Sssd 0.3.3

  • Fedoraproject Sssd 0.4.0

  • Fedoraproject Sssd 0.4.1

  • Fedoraproject Sssd 0.5.0

  • Fedoraproject Sssd 0.6.0

  • Fedoraproject Sssd 0.6.1

  • Fedoraproject Sssd 0.7.0

  • Fedoraproject Sssd 0.7.1

  • Fedoraproject Sssd 0.99.0

  • Fedoraproject Sssd 0.99.1

  • Fedoraproject Sssd 1.0.0

  • Fedoraproject Sssd 1.0.1

  • Fedoraproject Sssd 1.0.2

  • Fedoraproject Sssd 1.0.3

  • Fedoraproject Sssd 1.0.4

  • Fedoraproject Sssd 1.0.5

  • Fedoraproject Sssd 1.0.6

  • Fedoraproject Sssd 1.0.99

  • Fedoraproject Sssd 1.1.0

  • Fedoraproject Sssd 1.1.1

  • Fedoraproject Sssd 1.1.2

  • Fedoraproject Sssd 1.1.91

  • Fedoraproject Sssd 1.1.92

  • Fedoraproject Sssd 1.2.0

  • Fedoraproject Sssd 1.2.1

  • Fedoraproject Sssd 1.2.2

  • Fedoraproject Sssd 1.2.3

  • Fedoraproject Sssd 1.2.4

  • Fedoraproject Sssd 1.2.91

  • Fedoraproject Sssd 1.3.0

  • Fedoraproject Sssd 1.3.1

  • Fedoraproject Sssd 1.4.0

  • Fedoraproject Sssd 1.4.1

  • Fedoraproject Sssd 1.5.0

  • Fedoraproject Sssd 1.5.1

  • Fedoraproject Sssd 1.5.10

  • Fedoraproject Sssd 1.5.11

  • Fedoraproject Sssd 1.5.12

  • Fedoraproject Sssd 1.5.13

  • Fedoraproject Sssd 1.5.14

  • Fedoraproject Sssd 1.5.15

  • Fedoraproject Sssd 1.5.16

  • Fedoraproject Sssd 1.5.17

  • Fedoraproject Sssd 1.5.2

  • Fedoraproject Sssd 1.5.3

  • Fedoraproject Sssd 1.5.4

  • Fedoraproject Sssd 1.5.5

  • Fedoraproject Sssd 1.5.6

  • Fedoraproject Sssd 1.5.6.1

  • Fedoraproject Sssd 1.5.7

  • Fedoraproject Sssd 1.5.8

  • Fedoraproject Sssd 1.5.9

  • Fedoraproject Sssd 1.6.0

  • Fedoraproject Sssd 1.6.1

  • Fedoraproject Sssd 1.6.2

  • Fedoraproject Sssd 1.6.3

  • Fedoraproject Sssd 1.6.4

  • Fedoraproject Sssd 1.7.0

  • Fedoraproject Sssd 1.8.0

  • Fedoraproject Sssd 1.8.1

  • Fedoraproject Sssd 1.8.2

  • Fedoraproject Sssd 1.8.3

  • Fedoraproject Sssd 1.8.4

  • Fedoraproject Sssd 1.8.5

  • Fedoraproject Sssd 1.8.6

  • Fedoraproject Sssd 1.9.0

  • Fedoraproject Sssd 1.9.1

  • Fedoraproject Sssd 1.9.2

  • Fedoraproject Sssd 1.9.3


References

CONFIRM - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.4

CONFIRM - https://fedorahosted.org/sssd/ticket/1782

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=884254

BID - 57539

SECUNIA - 52315

SECUNIA - 51928

REDHAT - RHSA-2013:0508

FEDORA - FEDORA-2013-1826

FEDORA - FEDORA-2013-1795

CONFIRM - http://git.fedorahosted.org/cgit/sssd.git/commit/?id=e864d914a44a37016736554e9257c06b18c57d37

CONFIRM - http://git.fedorahosted.org/cgit/sssd.git/commit/?id=94cbf1cfb0f88c967f1fb0a4cf23723148868e4a

CONFIRM - http://git.fedorahosted.org/cgit/sssd.git/commit/?id=3843b284cd3e8f88327772ebebc7249990fd87b9

CONFIRM - http://git.fedorahosted.org/cgit/sssd.git/commit/?id=020bf88fd1c5bdac8fc671b37c7118f5378c7047

REDHAT - RHSA-2013:1319


Last Updated: 27 May 2016 11:01:57