Lucene search
UbuntuUSN-2104-1HistoryFeb 12, 2014 - 12:00 a.m.
LXC vulnerability
2014-02-1200:00:00
ubuntu.com
32
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
5.1%
Releases
- Ubuntu 13.10
Packages
- lxc - Linux Containers userspace tools
Details
Florian Sagar discovered that the LXC sshd template set incorrect mount
permissions. An attacker could possibly use this flaw to cause privilege
escalation on the host.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 13.10 | noarch | lxc-templates | < 1.0.0~alpha1-0ubuntu14.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | liblxc0 | < 1.0.0~alpha1-0ubuntu14.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | lxc | < 1.0.0~alpha1-0ubuntu14.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | lxc-dbg | < 1.0.0~alpha1-0ubuntu14.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | lxc-dev | < 1.0.0~alpha1-0ubuntu14.1 | UNKNOWN |
| Ubuntu | 13.10 | noarch | python3-lxc | < 1.0.0~alpha1-0ubuntu14.1 | UNKNOWN |
References
Related
mageia
mageia
Updated lxc packages fix security vulnerability
2014-02-26 22:23:25
cvelist
cvelist
CVE-2013-6441
2014-02-14 15:00:00
ubuntucve
ubuntucve
CVE-2013-6441
2013-12-31 00:00:00
prion
prion
Design/Logic Flaw
2014-02-14 15:55:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0102)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-2104-1)
2022-08-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0643-1)
2021-06-09 00:00:00
nessus
nessus
Ubuntu 13.10 : lxc vulnerability (USN-2104-1)
2014-02-13 00:00:00
SuSE 11.3 Security Update : lxc (SAT Patch Number 9084)
2014-05-15 00:00:00
Debian DLA-442-1 : lxc security update
2016-03-01 00:00:00
nvd
nvd
CVE-2013-6441
2014-02-14 15:55:05
securityvulns
securityvulns
lxc protection bypass
2014-04-07 00:00:00
[USN-2104-1] LXC vulnerability
2014-04-07 00:00:00
cve
cve
CVE-2013-6441
2014-02-14 15:55:05
debiancve
debiancve
CVE-2013-6441
2014-02-14 15:55:05
debian
debian
[SECURITY] [DLA 442-1] lxc security update
2016-02-29 14:41:59
osv
osv
lxc - security update
2016-02-29 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
5.1%
Related for USN-2104-1