Showing 1 - 1 of 1

CVE-2013-1057

Status Candidate

Overview

Untrusted search path vulnerability in maas-import-pxe-files in MAAS before 13.10 allows local users to execute arbitrary code via a Trojan horse import_pxe_files configuration file in the current working directory.

Related Files

Ubuntu Security Notice USN-2013-1: Posted Nov 7, 2013; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2013-1 - It was discovered that maas-import-pxe-files incorrectly loaded configuration information from the current working directory. A local attacker could execute code as an administrator if maas-import-pxe-files were run from an attacker-controlled directory. It was discovered that maas-import-pxe-files doesn't cryptographically verify downloaded content. An attacker could modify images without detection. Various other issues were also addressed.; tags | advisory, local; systems | linux, ubuntu; advisories | CVE-2013-1057, CVE-2013-1058, CVE-2013-1057, CVE-2013-1058; SHA-256 | abfb080471077aa526f708385060f26bb47afecc1f1d5ba12e53f72663b04cdb; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 225 files
indoushka 176 files
Ubuntu 94 files
Gentoo 32 files
Debian 16 files
Matthias Deeg 11 files
Chris Beiter 11 files
Frederik Beimgraben 11 files
Apple 10 files
malvuln 8 files

File Archives

Systems

AIX (430)
Apple (2,115)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,132)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (390)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,415)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,936)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,896)
UNIX (9,464)
UnixWare (188)
Windows (6,782)
Other

CVE-2013-1057

Overview

Related Files

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems