Lucene search
PRIOn knowledge basePRION:CVE-2014-4038HistoryJun 17, 2014 - 3:55 p.m.
Code injection
2014-06-1715:55:00
PRIOn knowledge base
www.prio-n.com
2
ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/snapH.tar.gz, or (3) lpd/test/lpd_ela_test.sh and /var/tmp/ras.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ppc64-diag | eq | 2.6.1 | |
| enterprise_linux_server | eq | 7.0 | |
| enterprise_linux_server | eq | 6.0 | |
| linux_enterprise_server | eq | 11 sp3 |
References
lists.opensuse.org/opensuse-security-announce/2014-07/msg00018.html
openwall.com/lists/oss-security/2014/06/17/1
rhn.redhat.com/errata/RHSA-2015-0383.html
rhn.redhat.com/errata/RHSA-2015-1320.html
secunia.com/advisories/60616
www.securityfocus.com/bid/68049
bugzilla.novell.com/show_bug.cgi?id=882667
bugzilla.redhat.com/show_bug.cgi?id=1109371
Related
nvd
nvd
CVE-2014-4038
2014-06-17 15:55:06
ubuntucve
ubuntucve
CVE-2014-4038
2014-06-17 00:00:00
veracode
veracode
Arbitrary File Write
2019-01-15 09:06:35
Privilege Escalation
2019-05-02 05:41:01
debiancve
debiancve
CVE-2014-4038
2014-06-17 15:55:06
cve
cve
CVE-2014-4038
2014-06-17 15:55:06
cvelist
cvelist
CVE-2014-4038
2014-06-17 15:00:00
openvas
openvas
openSUSE: Security Advisory for ppc64-diag (openSUSE-SU-2014:0953-2)
2014-08-05 00:00:00
SUSE: Security Advisory for ppc64-diag (SUSE-SU-2014:0928-1)
2015-10-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0928-1)
2021-06-09 00:00:00
redhat
redhat
suse
suse
ppc64-diag: fix for tmp races and information disclosure (important)
2014-07-31 08:19:46
ppc64-diag: fix for tmp races and information disclosure (important)
2014-07-30 21:20:51
Security update for ppc64-diag (important)
2014-07-23 23:04:53
