CVE-2012-6607
NONE EPSS 28.5%
Published Nov 23, 201312y ago · Modified Jun 16, 20262w ago
Published Nov 23, 2013 12y ago
Last Modified Jun 16, 2026 2w ago
Description
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786.
Threat Intelligence
EPSS Exploit Probability
28.5% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-22 Path Traversal Resource Mgmt
Affected Products 37
| Vendor | Product | Version | Range |
|---|---|---|---|
| augeas | augeas | * | ≤0.10.0 |
| augeas | augeas | 0.0.1 | any |
| augeas | augeas | 0.0.2 | any |
| augeas | augeas | 0.0.3 | any |
| augeas | augeas | 0.0.4 | any |
| augeas | augeas | 0.0.5 | any |
| augeas | augeas | 0.0.6 | any |
| augeas | augeas | 0.0.7 | any |
| augeas | augeas | 0.0.8 | any |
| augeas | augeas | 0.1.0 | any |
| augeas | augeas | 0.1.1 | any |
| augeas | augeas | 0.2.0 | any |
| augeas | augeas | 0.2.1 | any |
| augeas | augeas | 0.2.2 | any |
| augeas | augeas | 0.3.0 | any |
| augeas | augeas | 0.3.1 | any |
| augeas | augeas | 0.3.2 | any |
| augeas | augeas | 0.3.3 | any |
| augeas | augeas | 0.3.4 | any |
| augeas | augeas | 0.3.5 | any |
| augeas | augeas | 0.3.6 | any |
| augeas | augeas | 0.4.0 | any |
| augeas | augeas | 0.4.1 | any |
| augeas | augeas | 0.4.2 | any |
| augeas | augeas | 0.5.0 | any |
| augeas | augeas | 0.5.1 | any |
| augeas | augeas | 0.5.2 | any |
| augeas | augeas | 0.5.3 | any |
| augeas | augeas | 0.6.0 | any |
| augeas | augeas | 0.7.0 | any |
| augeas | augeas | 0.7.1 | any |
| augeas | augeas | 0.7.2 | any |
| augeas | augeas | 0.7.3 | any |
| augeas | augeas | 0.7.4 | any |
| augeas | augeas | 0.8.0 | any |
| augeas | augeas | 0.8.1 | any |
| augeas | augeas | 0.9.0 | any |
References 5
- augeas.net http://augeas.net/news.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2013-1537.html
- secunia.com http://secunia.com/advisories/55811
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=772257
- github.com https://github.com/hercules-team/augeas/commit/16387744
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.