OpenStack PackStack CVE-2013-1815 Insecure File Creation Vulnerability
BID:58637
Info
OpenStack PackStack CVE-2013-1815 Insecure File Creation Vulnerability
| Bugtraq ID: | 58637 |
| Class: | Design Error |
| CVE: |
CVE-2013-1815 |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 21 2013 12:00AM |
| Updated: | Mar 21 2013 12:00AM |
| Credit: | Derek Higgins of the Red Hat OpenStack team |
| Vulnerable: |
Redhat OpenStack Folsom 0 Redhat OpenStack Essex 0 OpenStack PackStack 0 |
| Not Vulnerable: | |
Discussion
OpenStack PackStack CVE-2013-1815 Insecure File Creation Vulnerability
OpenStack PackStack is prone to a security vulnerability because it creates file in an insecure manner.
A local attacker may exploit this issue to access or modify configuration details, that may aid in further attacks.
OpenStack PackStack is prone to a security vulnerability because it creates file in an insecure manner.
A local attacker may exploit this issue to access or modify configuration details, that may aid in further attacks.
Exploit / POC
OpenStack PackStack CVE-2013-1815 Insecure File Creation Vulnerability
Attackers can exploit the issue using readily available tools.
Attackers can exploit the issue using readily available tools.
Solution / Fix
OpenStack PackStack CVE-2013-1815 Insecure File Creation Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
OpenStack PackStack CVE-2013-1815 Insecure File Creation Vulnerability
References:
References: