This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Gnu First view 2009-12-19
Product Automake Last view 2012-08-07
Version 1.10.3 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:gnu:automake

Activity : Overall

Related : CVE

  Date Alert Description
4.4 2012-08-07 CVE-2012-3386

The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors.

4.4 2009-12-19 CVE-2009-4029

The (1) dist or (2) distcheck rules in GNU Automake 1.11.1, 1.10.3, and release branches branch-1-4 through branch-1-9, when producing a distribution tarball for a package that uses Automake, assign insecure permissions (777) to directories in the build tree, which introduces a race condition that allows local users to modify the contents of package files, introduce Trojan horse programs, or conduct other attacks before the build is complete.

CWE : Common Weakness Enumeration

%idName
66% (2) CWE-362 Race Condition
33% (1) CWE-264 Permissions, Privileges, and Access Controls

Open Source Vulnerability Database (OSVDB)

id Description
61210 GNU Automake make dist / distcheck distdir Target Permission Weakness Race Co...

OpenVAS Exploits

id Description
2012-10-05 Name : Fedora Update for automake17 FEDORA-2012-14779
File : nvt/gb_fedora_2012_14779_automake17_fc16.nasl
2012-10-05 Name : Fedora Update for automake17 FEDORA-2012-14770
File : nvt/gb_fedora_2012_14770_automake17_fc17.nasl
2012-09-22 Name : Fedora Update for automake FEDORA-2012-14349
File : nvt/gb_fedora_2012_14349_automake_fc17.nasl
2012-09-22 Name : Fedora Update for automake FEDORA-2012-14297
File : nvt/gb_fedora_2012_14297_automake_fc16.nasl
2012-09-10 Name : Slackware Advisory SSA:2012-206-01 libpng
File : nvt/esoft_slk_ssa_2012_206_01.nasl
2012-08-10 Name : FreeBSD Ports: automake
File : nvt/freebsd_automake.nasl
2012-07-16 Name : Mandriva Update for automake MDVSA-2012:103 (automake)
File : nvt/gb_mandriva_MDVSA_2012_103.nasl
2010-10-19 Name : Mandriva Update for automake MDVSA-2010:203 (automake)
File : nvt/gb_mandriva_MDVSA_2010_203.nasl
2010-04-06 Name : RedHat Update for automake RHSA-2010:0321-04
File : nvt/gb_RHSA-2010_0321-04_automake.nasl
2010-03-05 Name : Fedora Update for automake14 FEDORA-2010-1718
File : nvt/gb_fedora_2010_1718_automake14_fc12.nasl
2010-03-05 Name : Fedora Update for automake16 FEDORA-2010-3520
File : nvt/gb_fedora_2010_3520_automake16_fc12.nasl
2010-03-05 Name : Fedora Update for automake15 FEDORA-2010-3563
File : nvt/gb_fedora_2010_3563_automake15_fc12.nasl
2010-03-05 Name : Fedora Update for automake17 FEDORA-2010-3569
File : nvt/gb_fedora_2010_3569_automake17_fc11.nasl
2010-03-05 Name : Fedora Update for automake17 FEDORA-2010-3573
File : nvt/gb_fedora_2010_3573_automake17_fc12.nasl
2010-03-05 Name : Fedora Update for automake14 FEDORA-2010-3591
File : nvt/gb_fedora_2010_3591_automake14_fc11.nasl
2010-03-05 Name : Fedora Update for automake15 FEDORA-2010-1174
File : nvt/gb_fedora_2010_1174_automake15_fc11.nasl
2010-03-05 Name : Fedora Update for automake16 FEDORA-2010-1148
File : nvt/gb_fedora_2010_1148_automake16_fc11.nasl
2010-03-02 Name : Fedora Update for automake FEDORA-2010-1216
File : nvt/gb_fedora_2010_1216_automake_fc11.nasl
2010-01-15 Name : Fedora Update for automake FEDORA-2009-13157
File : nvt/gb_fedora_2009_13157_automake_fc12.nasl

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-12-15 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201412-08.nasl - Type: ACT_GATHER_INFO
2014-10-12 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2014-401.nasl - Type: ACT_GATHER_INFO
2014-10-01 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2014-1243.nasl - Type: ACT_GATHER_INFO
2014-09-29 Name: The remote Scientific Linux host is missing a security update.
File: sl_20140916_automake_on_SL5_x.nasl - Type: ACT_GATHER_INFO
2014-09-18 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2014-1243.nasl - Type: ACT_GATHER_INFO
2014-09-16 Name: The remote Red Hat host is missing a security update.
File: redhat-RHSA-2014-1243.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2012-795.nasl - Type: ACT_GATHER_INFO
2013-10-27 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201310-15.nasl - Type: ACT_GATHER_INFO
2013-08-14 Name: The remote SuSE 11 host is missing a security update.
File: suse_11_automake-130812.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2013-0526.nasl - Type: ACT_GATHER_INFO
2013-04-20 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2013-031.nasl - Type: ACT_GATHER_INFO
2013-03-10 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2013-0526.nasl - Type: ACT_GATHER_INFO
2013-03-01 Name: The remote Scientific Linux host is missing a security update.
File: sl_20130221_automake_on_SL6_x.nasl - Type: ACT_GATHER_INFO
2013-02-21 Name: The remote Red Hat host is missing a security update.
File: redhat-RHSA-2013-0526.nasl - Type: ACT_GATHER_INFO
2012-10-04 Name: The remote Fedora host is missing a security update.
File: fedora_2012-14762.nasl - Type: ACT_GATHER_INFO
2012-10-04 Name: The remote Fedora host is missing a security update.
File: fedora_2012-14770.nasl - Type: ACT_GATHER_INFO
2012-10-04 Name: The remote Fedora host is missing a security update.
File: fedora_2012-14779.nasl - Type: ACT_GATHER_INFO
2012-09-24 Name: The remote Fedora host is missing a security update.
File: fedora_2012-14297.nasl - Type: ACT_GATHER_INFO
2012-09-19 Name: The remote Fedora host is missing a security update.
File: fedora_2012-14349.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2012-103.nasl - Type: ACT_GATHER_INFO
2012-08-08 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_36235c38e0a811e19f4d002354ed89bc.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20100330_automake_on_SL5_x.nasl - Type: ACT_GATHER_INFO
2012-07-25 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2012-206-01.nasl - Type: ACT_GATHER_INFO
2010-10-14 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2010-203.nasl - Type: ACT_GATHER_INFO
2010-07-01 Name: The remote Fedora host is missing a security update.
File: fedora_2010-3569.nasl - Type: ACT_GATHER_INFO