CVE-2013-6412
NONE EPSS 28.8%
Published Jan 23, 201412y ago · Modified Jun 17, 20262w ago
Published Jan 23, 2014 12y ago
Last Modified Jun 17, 2026 2w ago
Description
The transform_save function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a "7," which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors.
Threat Intelligence
EPSS Exploit Probability
28.8% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-264
Affected Products 2
References 4
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2014-0044.html
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=1034261
- github.com https://github.com/hercules-team/augeas/commit/f5b4fc0c
- github.com https://github.com/hercules-team/augeas/pull/58
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.