Upstream information
Description
openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ib_set_node_desc.sh temporary file.SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
NVD | |
---|---|
Base Score | 6.3 |
Vector | AV:L/AC:M/Au:N/C:N/I:C/A:C |
Access Vector | Local |
Access Complexity | Medium |
Authentication | None |
Confidentiality Impact | None |
Integrity Impact | Complete |
Availability Impact | Complete |
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 11 SP4 GA ofed-devel-1.5.4.1-20.26 |
SUSE Linux Enterprise Server 11 SP2 |
| Patchnames: SUSE Linux Enterprise Server 11 SP2 GA ofed-1.5.2-0.22.23 |
SUSE Linux Enterprise Server 11 SP3 |
| Patchnames: SUSE Linux Enterprise Server 11 SP3 GA ofed-1.5.4.1-0.11.5 |
SUSE Linux Enterprise Server 11 SP4 |
| Patchnames: SUSE Linux Enterprise Server 11 SP4 GA ofed-1.5.4.1-20.26 SUSE Linux Enterprise Software Development Kit 11 SP4 GA ofed-devel-1.5.4.1-20.26 |
SUSE Timeline for this CVE
CVE page created: Tue Jul 9 17:06:11 2013CVE page last modified: Mon Sep 9 17:09:15 2024