what you don't know can hurt you
Showing 1 - 8 of 8 RSS Feed

CVE-2013-6435

Status Candidate

Overview

Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory.

Related Files

Gentoo Linux Security Advisory 201811-22
Posted Nov 29, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201811-22 - Multiple vulnerabilities have been found in RPM, the worst of which could allow a remote attacker to escalate privileges. Versions less than 4.14.1 are affected.

tags | advisory, remote, vulnerability
systems | linux, gentoo
advisories | CVE-2013-6435, CVE-2014-8118, CVE-2017-7501
MD5 | b2e28734ab3686f7eae98681d8c49d65
Mandriva Linux Security Advisory 2015-056
Posted Mar 9, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-056 - It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been written completely. Under certain conditions, the system interprets the unverified temporary file contents and extracts commands from it. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the attacker during package installation. It was found that RPM could encounter an integer overflow, leading to a stack-based buffer overflow, while parsing a crafted CPIO header in the payload section of an RPM file. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the attacker during package installation.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2013-6435, CVE-2014-8118
MD5 | 9b74f3ef8bf2b7546483f824a18b9262
Ubuntu Security Notice USN-2479-1
Posted Jan 19, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2479-1 - Florian Weimer discovered that RPM incorrectly handled temporary files. A local attacker could use this issue to execute arbitrary code. Florian Weimer discovered that RPM incorrectly handled certain CPIO headers. If a user or automated system were tricked into installing a malicious package file, a remote attacker could use this issue to cause RPM to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2013-6435, CVE-2014-8118
MD5 | e43c2caa3e8e7599d046b96cfff62d9f
Debian Security Advisory 3129-1
Posted Jan 16, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3129-1 - Two vulnerabilities have been discovered in the RPM package manager.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-6435, CVE-2014-8118
MD5 | 6ccdfbedb8b5c8374d7788a7038207b5
Mandriva Linux Security Advisory 2014-251
Posted Dec 15, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-251 - It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been written completely. Under certain conditions, the system interprets the unverified temporary file contents and extracts commands from it. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the attacker during package installation. It was found that RPM could encounter an integer overflow, leading to a stack-based buffer overflow, while parsing a crafted CPIO header in the payload section of an RPM file. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the attacker during package installation.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2013-6435, CVE-2014-8118
MD5 | badf5cc001f0e09fd26cc3b745bd3373
Red Hat Security Advisory 2014-1976-01
Posted Dec 9, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1976-01 - The RPM Package Manager is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Each software package consists of an archive of files along with information about the package such as its version, description, and other information. It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been written completely. Under certain conditions, the system interprets the unverified temporary file contents and extracts commands from it. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the attacker during package installation.

tags | advisory
systems | linux, redhat
advisories | CVE-2013-6435, CVE-2014-8118
MD5 | 2dfaba19c943aa89e562b5e79c17cd34
Red Hat Security Advisory 2014-1974-01
Posted Dec 9, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1974-01 - The RPM Package Manager is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Each software package consists of an archive of files along with information about the package such as its version, description, and other information. It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been written completely. Under certain conditions, the system interprets the unverified temporary file contents and extracts commands from it. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the attacker during package installation.

tags | advisory
systems | linux, redhat
advisories | CVE-2013-6435
MD5 | cf20cbc62e556b84c83e7cfcbe84991c
Red Hat Security Advisory 2014-1975-01
Posted Dec 9, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1975-01 - The RPM Package Manager is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Each software package consists of an archive of files along with information about the package such as its version, description, and other information. It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been written completely. Under certain conditions, the system interprets the unverified temporary file contents and extracts commands from it. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the attacker during package installation.

tags | advisory
systems | linux, redhat
advisories | CVE-2013-6435
MD5 | f0fc2e44e3c6b1fe5864af8e425b82de
Page 1 of 1
Back1Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close