CVE-2013-2561
Severity CVSS v4.0:
Pending analysis
Type:
CWE-59
Link Following
Publication date:
23/11/2013
Last modified:
11/04/2025
Description
OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on (1) ibdiagnet.db, (2) ibdiagnet.fdbs, (3) ibdiagnet_ibis.log, (4) ibdiagnet.log, (5) ibdiagnet.lst, (6) ibdiagnet.mcfdbs, (7) ibdiagnet.pkey, (8) ibdiagnet.psl, (9) ibdiagnet.slvl, or (10) ibdiagnet.sm in /tmp/.
Impact
Base Score 2.0
6.30
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:openfabrics:ibutils:1.5.7:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://rhn.redhat.com/errata/RHSA-2013-1661.html
- http://seclists.org/fulldisclosure/2013/Mar/87
- http://www.openwall.com/lists/oss-security/2013/03/19/8
- http://www.openwall.com/lists/oss-security/2013/03/26/1
- http://www.openwall.com/lists/oss-security/2013/03/26/11
- http://www.openwall.com/lists/oss-security/2013/03/26/4
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.securityfocus.com/bid/58335
- https://bugzilla.redhat.com/show_bug.cgi?id=927430
- http://rhn.redhat.com/errata/RHSA-2013-1661.html
- http://seclists.org/fulldisclosure/2013/Mar/87
- http://www.openwall.com/lists/oss-security/2013/03/19/8
- http://www.openwall.com/lists/oss-security/2013/03/26/1
- http://www.openwall.com/lists/oss-security/2013/03/26/11
- http://www.openwall.com/lists/oss-security/2013/03/26/4
- http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
- http://www.securityfocus.com/bid/58335
- https://bugzilla.redhat.com/show_bug.cgi?id=927430