CVE-2013-0265

EUVD-2013-0293
The redirect_stderr function in xnbd_common.c in xnbd-server and xndb-wrapper in xNBD 0.1.0 allow local users to overwrite arbitrary files via a symlink attack on /tmp/xnbd.log.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 21%
Affected Products (NVD)
VendorProductVersion
bitbucketxnbd
0.1.0:pre
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
xnbd
hardy
dne
lucid
dne
oneiric
ignored
precise
ignored
quantal
ignored
raring
ignored
saucy
ignored
trusty
dne
utopic
ignored
vivid
ignored
wily
ignored
xenial
not-affected
yakkety
not-affected
zesty
not-affected
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2013/02/06/2
http://www.openwall.com/lists/oss-security/2013/02/07/5
http://www.osvdb.org/90008
http://www.openwall.com/lists/oss-security/2013/02/06/2
http://www.openwall.com/lists/oss-security/2013/02/07/5
http://www.osvdb.org/90008