Lucene search
ROSA LABROSA-SA-2021-2004HistoryJul 02, 2021 - 6:21 p.m.
Advisory ROSA-SA-2021-2004
2021-07-0218:21:37
ROSA LAB
abf.rosalinux.ru
7
advisory
zlib 1.2.7
cobalt 7.9
cve-2013-0296
race condition
pigz 2.2.5
permissions
umask
local users
access permissions
CVSS2
4.4
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
EPSS
0
Percentile
5.1%
Software: zlib 1.2.7
OS: Cobalt 7.9
CVE-ID: CVE-2013-0296
CVE-Crit: HIGH
CVE-DESC: race condition in pigz before 2.2.5 uses permissions derived from umask when compressing a file before setting that file’s permissions to match those of the source file, which may allow local users to bypass implied access permissions during compression.
CVE-STATUS: default
CVE-REV: default
Related
openvas
openvas
Fedora Update for pigz FEDORA-2013-2589
2013-03-01 00:00:00
Fedora Update for pigz FEDORA-2013-2589
2013-03-01 00:00:00
debiancve
debiancve
CVE-2013-0296
2014-04-27 21:55:05
fedora
fedora
[SECURITY] Fedora 17 Update: pigz-2.2.5-1.fc17
2013-02-26 02:46:22
nessus
nessus
openSUSE Security Update : pigz (openSUSE-SU-2013:0540-1)
2014-06-13 00:00:00
Fedora 17 : pigz-2.2.5-1.fc17 (2013-2589)
2013-02-26 00:00:00
nvd
nvd
CVE-2013-0296
2014-04-27 21:55:05
cve
cve
CVE-2013-0296
2014-04-27 21:55:05
prion
prion
Race condition
2014-04-27 21:55:00
ubuntucve
ubuntucve
CVE-2013-0296
2014-04-27 00:00:00
cvelist
cvelist
CVE-2013-0296
2014-04-27 21:00:00
CVSS2
4.4
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
EPSS
0
Percentile
5.1%
Related for ROSA-SA-2021-2004