1. CVE-Search
  2. CVE-2013-6494
ID CVE-2013-6494
Summary fedup 0.9.0 in Fedora 19, 20, and 21 uses a temporary directory with a static name for its download cache, which allows local users to cause a denial of service (prevention of system updates).
References
Vulnerable Configurations
  • cpe:2.3:a:fedup_project:fedup:0.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:fedup_project:fedup:0.9.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 02-12-2014 - 13:25)
Impact:
Exploitability:
CWE CWE-17
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 70874
confirm https://bugzilla.redhat.com/show_bug.cgi?id=1066679
fedora
  • FEDORA-2014-14027
  • FEDORA-2014-14252
  • FEDORA-2014-14347
misc https://github.com/wgwoods/fedup/issues/44
Last major update 02-12-2014 - 13:25
Published 02-12-2014 - 01:59
Last modified 02-12-2014 - 13:25
Back to Top