Executive Summary

Informations
Name CVE-2013-4419 First vendor Publication 2013-11-05
Vendor Cve Last vendor Modification 2018-12-13

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:A/AC:H/Au:N/C:C/I:C/A:C)
Cvss Base Score 6.8 Attack Range Adjacent network
Cvss Impact Score 10 Attack Complexity High
Cvss Expoit Score 3.2 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitrary commands by creating /tmp/.guestfish-$UID/ in advance.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4419

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-264 Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:25432
 
Oval ID: oval:org.mitre.oval:def:25432
Title: SUSE-SU-2013:1626-1 -- Security update for guestfs
Description: A predictable socketname in the guestfish commandline tool could be used by a local attacker to gain access to guestfish sessions of other users on the same system. (CVE-2013-4419) Security Issue reference: * CVE-2013-4419 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4419 >
Family: unix Class: patch
Reference(s): SUSE-SU-2013:1626-1
CVE-2013-4419
 Version: 3
Platform(s): SUSE Linux Enterprise Server 11
 Product(s): guestfs
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26478
 
Oval ID: oval:org.mitre.oval:def:26478
Title: ELSA-2013-1536 -- libguestfs security, bug fix, and enhancement update (moderate)
Description: [1:1.20.11-2] - Fix CVE-2013-4419: insecure temporary directory handling for guestfish's network socket resolves: rhbz#1019737
Family: unix Class: patch
Reference(s): ELSA-2013-1536
CVE-2013-4419
 Version: 3
Platform(s): Oracle Linux 6
 Product(s): libguestfs
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27187
 
Oval ID: oval:org.mitre.oval:def:27187
Title: RHSA-2013:1536 -- libguestfs security, bug fix, and enhancement update (Moderate)
Description: Libguestfs is a library and set of tools for accessing and modifying guest disk images. It was found that guestfish, which enables shell scripting and command line access to libguestfs, insecurely created the temporary directory used to store the network socket when started in server mode. A local attacker could use this flaw to intercept and modify other user&#39;s guestfish command, allowing them to perform arbitrary guestfish actions with the privileges of a different user, or use this flaw to obtain authentication credentials. (CVE-2013-4419) This issue was discovered by Michael Scherer of the Red Hat Regional IT team. These updated libguestfs packages include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.5 Technical Notes, linked to in the References, for information on the most significant of these changes. All libguestfs users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.
Family: unix Class: patch
Reference(s): RHSA-2013:1536
CESA-2013:1536
CVE-2013-4419
 Version: 3
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
 Product(s): libguestfs
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 142
Application 1
Os 1

Nessus® Vulnerability Scanner

Date Description
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1536.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2013-1527.nasl - Type : ACT_GATHER_INFO
2013-12-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20131121_libguestfs_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-11-29 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1536.nasl - Type : ACT_GATHER_INFO
2013-11-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1536.nasl - Type : ACT_GATHER_INFO
2013-11-11 Name : The remote Fedora host is missing a security update.
File : fedora_2013-19553.nasl - Type : ACT_GATHER_INFO
2013-11-05 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_guestfs-data-131024.nasl - Type : ACT_GATHER_INFO
2013-10-27 Name : The remote Fedora host is missing a security update.
File : fedora_2013-19452.nasl - Type : ACT_GATHER_INFO
2013-10-27 Name : The remote Fedora host is missing a security update.
File : fedora_2013-19492.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
MISC https://bugzilla.redhat.com/show_bug.cgi?id=1016960
MLIST https://www.redhat.com/archives/libguestfs/2013-October/msg00031.html
REDHAT http://rhn.redhat.com/errata/RHSA-2013-1536.html
SECUNIA http://secunia.com/advisories/55813
SUSE http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00001.html

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
Date Informations
2024-02-02 01:24:10
  • Multiple Updates
2024-02-01 12:07:13
  • Multiple Updates
2023-09-05 12:22:50
  • Multiple Updates
2023-09-05 01:07:07
  • Multiple Updates
2023-09-02 12:22:52
  • Multiple Updates
2023-09-02 01:07:12
  • Multiple Updates
2023-08-22 12:20:36
  • Multiple Updates
2022-10-11 01:06:53
  • Multiple Updates
2021-05-04 12:27:18
  • Multiple Updates
2021-04-22 01:33:04
  • Multiple Updates
2020-05-23 00:38:01
  • Multiple Updates
2019-06-07 12:05:22
  • Multiple Updates
2018-12-13 21:19:35
  • Multiple Updates
2017-01-26 12:04:19
  • Multiple Updates
2016-06-28 19:39:44
  • Multiple Updates
2016-04-26 23:33:13
  • Multiple Updates
2015-01-14 21:24:01
  • Multiple Updates
2014-11-13 13:26:54
  • Multiple Updates
2014-11-08 13:31:08
  • Multiple Updates
2014-02-17 11:22:10
  • Multiple Updates
2013-12-08 13:19:36
  • Multiple Updates
2013-12-01 13:19:11
  • Multiple Updates
2013-11-06 21:28:10
  • Multiple Updates
2013-11-06 13:30:08
  • First insertion