ID CVE-2015-0267
Summary The Red Hat module-setup.sh script for kexec-tools, as distributed in the kexec-tools before 2.0.7-19 packages in Red Hat Enterprise Linux, allows local users to write to arbitrary files via a symlink attack on a temporary file. CWE-61: UNIX Symbolic Link (Symlink) Following (https://cwe.mitre.org/data/definitions/61.html)
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:kexec-tools:*:*:*:*:*:*:*:*
CVSS
Base: 3.6 (as of 28-11-2016 - 19:16)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
Vector LOCAL
Complexity LOW
Authentication NONE
Impact
Confidentiality NONE
Integrity PARTIAL
Availability PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:P/A:P
redhat via4
advisories
bugzilla
id 1191575
title CVE-2015-0267 kexec-tools: insecure use of /tmp/*$$* filenames
oval
AND
  • OR
    • comment Red Hat Enterprise Linux 7 Client is installed
      oval oval:com.redhat.rhba:tst:20150364001
    • comment Red Hat Enterprise Linux 7 Server is installed
      oval oval:com.redhat.rhba:tst:20150364002
    • comment Red Hat Enterprise Linux 7 Workstation is installed
      oval oval:com.redhat.rhba:tst:20150364003
    • comment Red Hat Enterprise Linux 7 ComputeNode is installed
      oval oval:com.redhat.rhba:tst:20150364004
  • OR
    • AND
      • comment kexec-tools is earlier than 0:2.0.7-19.el7_1.2
        oval oval:com.redhat.rhsa:tst:20150986009
      • comment kexec-tools is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20111532006
    • AND
      • comment kexec-tools-anaconda-addon is earlier than 0:2.0.7-19.el7_1.2
        oval oval:com.redhat.rhsa:tst:20150986005
      • comment kexec-tools-anaconda-addon is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20150986006
    • AND
      • comment kexec-tools-eppic is earlier than 0:2.0.7-19.el7_1.2
        oval oval:com.redhat.rhsa:tst:20150986007
      • comment kexec-tools-eppic is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20150986008
rhsa
id RHSA-2015:0986
released 2015-05-12
severity Moderate
title RHSA-2015:0986: kexec-tools security, bug fix, and enhancement update (Moderate)
rpms
  • kexec-tools-0:2.0.7-19.el7_1.2
  • kexec-tools-anaconda-addon-0:2.0.7-19.el7_1.2
  • kexec-tools-eppic-0:2.0.7-19.el7_1.2
refmap via4
bid 74622
Last major update 28-11-2016 - 19:16
Published 19-05-2015 - 18:59