Search criteria
6 vulnerabilities by augeas
CVE-2025-2588 (GCVE-0-2025-2588)
Vulnerability from cvelistv5 – Published: 2025-03-21 12:00 – Updated: 2025-03-21 17:24
VLAI
Title
Hercules Augeas fa.c re_case_expand null pointer dereference
Summary
A vulnerability has been found in Hercules Augeas 1.14.1 and classified as problematic. This vulnerability affects the function re_case_expand of the file src/fa.c. The manipulation of the argument re leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
Severity
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.300568 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.300568 | signaturepermissions-required |
| https://vuldb.com/?submit.517281 | third-party-advisory |
| https://github.com/hercules-team/augeas/issues/852 | issue-tracking |
| https://github.com/hercules-team/augeas/issues/85… | exploitissue-tracking |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2588",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-21T17:24:34.308971Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-21T17:24:55.111Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/hercules-team/augeas/issues/852#issue-2905999609"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Augeas",
"vendor": "Hercules",
"versions": [
{
"status": "affected",
"version": "1.14.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Hercules Augeas 1.14.1 and classified as problematic. This vulnerability affects the function re_case_expand of the file src/fa.c. The manipulation of the argument re leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "In Hercules Augeas 1.14.1 wurde eine problematische Schwachstelle gefunden. Dabei geht es um die Funktion re_case_expand der Datei src/fa.c. Durch Manipulation des Arguments re mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-21T12:00:10.758Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-300568 | Hercules Augeas fa.c re_case_expand null pointer dereference",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.300568"
},
{
"name": "VDB-300568 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.300568"
},
{
"name": "Submit #517281 | https://github.com/hercules-team/augeas augeas 1.14.1 NULL Pointer Dereference",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.517281"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/hercules-team/augeas/issues/852"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/hercules-team/augeas/issues/852#issue-2905999609"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-21T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-03-21T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-03-21T07:37:32.000Z",
"value": "VulDB entry last update"
}
],
"title": "Hercules Augeas fa.c re_case_expand null pointer dereference"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-2588",
"datePublished": "2025-03-21T12:00:10.758Z",
"dateReserved": "2025-03-21T06:32:24.166Z",
"dateUpdated": "2025-03-21T17:24:55.111Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7555 (GCVE-0-2017-7555)
Vulnerability from cvelistv5 – Published: 2017-08-17 19:00 – Updated: 2024-09-17 02:36
VLAI
Summary
Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution.
Severity
No CVSS data available.
CWE
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://puppet.com/security/cve/cve-2017-7555 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/100378 | vdb-entryx_refsource_BID |
| https://access.redhat.com/errata/RHSA-2017:2788 | vendor-advisoryx_refsource_REDHAT |
| https://github.com/hercules-team/augeas/pull/480 | x_refsource_MISC |
| http://www.debian.org/security/2017/dsa-3949 | vendor-advisoryx_refsource_DEBIAN |
| https://access.redhat.com/errata/RHSA-2019:2403 | vendor-advisoryx_refsource_REDHAT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat, Inc. | augeas |
Affected:
up to and including 1.8.0
|
Date Public
2017-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:12.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://puppet.com/security/cve/cve-2017-7555"
},
{
"name": "100378",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100378"
},
{
"name": "RHSA-2017:2788",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2788"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/hercules-team/augeas/pull/480"
},
{
"name": "DSA-3949",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3949"
},
{
"name": "RHSA-2019:2403",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2403"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "augeas",
"vendor": "Red Hat, Inc.",
"versions": [
{
"status": "affected",
"version": "up to and including 1.8.0"
}
]
}
],
"datePublic": "2017-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-07T13:06:20.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://puppet.com/security/cve/cve-2017-7555"
},
{
"name": "100378",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100378"
},
{
"name": "RHSA-2017:2788",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2788"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/hercules-team/augeas/pull/480"
},
{
"name": "DSA-3949",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3949"
},
{
"name": "RHSA-2019:2403",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2403"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2017-08-17T00:00:00",
"ID": "CVE-2017-7555",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "augeas",
"version": {
"version_data": [
{
"version_value": "up to and including 1.8.0"
}
]
}
}
]
},
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://puppet.com/security/cve/cve-2017-7555",
"refsource": "CONFIRM",
"url": "https://puppet.com/security/cve/cve-2017-7555"
},
{
"name": "100378",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100378"
},
{
"name": "RHSA-2017:2788",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2788"
},
{
"name": "https://github.com/hercules-team/augeas/pull/480",
"refsource": "MISC",
"url": "https://github.com/hercules-team/augeas/pull/480"
},
{
"name": "DSA-3949",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3949"
},
{
"name": "RHSA-2019:2403",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2403"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-7555",
"datePublished": "2017-08-17T19:00:00.000Z",
"dateReserved": "2017-04-05T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:36:08.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6412 (GCVE-0-2013-6412)
Vulnerability from cvelistv5 – Published: 2014-01-23 00:00 – Updated: 2024-08-06 17:39
VLAI
Summary
The transform_save function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a "7," which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/hercules-team/augeas/pull/58 | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2014-0044.html | vendor-advisoryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=1034261 | x_refsource_CONFIRM |
| https://github.com/hercules-team/augeas/commit/f5b4fc0c | x_refsource_CONFIRM |
Date Public
2014-01-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:39:01.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/hercules-team/augeas/pull/58"
},
{
"name": "RHSA-2014:0044",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0044.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1034261"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/hercules-team/augeas/commit/f5b4fc0c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The transform_save function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a \"7,\" which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-22T23:57:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/hercules-team/augeas/pull/58"
},
{
"name": "RHSA-2014:0044",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0044.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1034261"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/hercules-team/augeas/commit/f5b4fc0c"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-6412",
"datePublished": "2014-01-23T00:00:00.000Z",
"dateReserved": "2013-11-04T00:00:00.000Z",
"dateUpdated": "2024-08-06T17:39:01.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-6607 (GCVE-0-2012-6607)
Vulnerability from cvelistv5 – Published: 2013-11-23 18:00 – Updated: 2024-08-06 21:36
VLAI
Summary
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/hercules-team/augeas/commit/16387744 | x_refsource_CONFIRM |
| http://secunia.com/advisories/55811 | third-party-advisoryx_refsource_SECUNIA |
| http://augeas.net/news.html | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=772257 | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2013-1537.html | vendor-advisoryx_refsource_REDHAT |
Date Public
2012-12-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:36:01.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/hercules-team/augeas/commit/16387744"
},
{
"name": "55811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55811"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://augeas.net/news.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772257"
},
{
"name": "RHSA-2013:1537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-23T00:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/hercules-team/augeas/commit/16387744"
},
{
"name": "55811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55811"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://augeas.net/news.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772257"
},
{
"name": "RHSA-2013:1537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6607",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/hercules-team/augeas/commit/16387744",
"refsource": "CONFIRM",
"url": "https://github.com/hercules-team/augeas/commit/16387744"
},
{
"name": "55811",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55811"
},
{
"name": "http://augeas.net/news.html",
"refsource": "CONFIRM",
"url": "http://augeas.net/news.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=772257",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772257"
},
{
"name": "RHSA-2013:1537",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-6607",
"datePublished": "2013-11-23T18:00:00.000Z",
"dateReserved": "2013-11-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:36:01.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0786 (GCVE-0-2012-0786)
Vulnerability from cvelistv5 – Published: 2013-11-23 18:00 – Updated: 2024-08-06 18:38
VLAI
Summary
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://github.com/hercules-team/augeas/commit/16387744 | x_refsource_CONFIRM |
| http://secunia.com/advisories/55811 | third-party-advisoryx_refsource_SECUNIA |
| http://augeas.net/news.html | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=772257 | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2013-1537.html | vendor-advisoryx_refsource_REDHAT |
Date Public
2012-12-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:38:14.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/hercules-team/augeas/commit/16387744"
},
{
"name": "55811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55811"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://augeas.net/news.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772257"
},
{
"name": "RHSA-2013:1537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-23T00:57:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/hercules-team/augeas/commit/16387744"
},
{
"name": "55811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55811"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://augeas.net/news.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772257"
},
{
"name": "RHSA-2013:1537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0786",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/hercules-team/augeas/commit/16387744",
"refsource": "CONFIRM",
"url": "https://github.com/hercules-team/augeas/commit/16387744"
},
{
"name": "55811",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55811"
},
{
"name": "http://augeas.net/news.html",
"refsource": "CONFIRM",
"url": "http://augeas.net/news.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=772257",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772257"
},
{
"name": "RHSA-2013:1537",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0786",
"datePublished": "2013-11-23T18:00:00.000Z",
"dateReserved": "2012-01-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:38:14.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0787 (GCVE-0-2012-0787)
Vulnerability from cvelistv5 – Published: 2013-11-23 18:00 – Updated: 2024-08-06 18:38
VLAI
Summary
The clone_file function in transfer.c in Augeas before 1.0.0, when copy_if_rename_fails is set and EXDEV or EBUSY is returned by the rename function, allows local users to overwrite arbitrary files and obtain sensitive information via a bind mount on the (1) .augsave or (2) destination file when using the backup save option, or (3) .augnew file when using the newfile save option.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/55811 | third-party-advisoryx_refsource_SECUNIA |
| http://augeas.net/news.html | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=772261 | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2013-1537.html | vendor-advisoryx_refsource_REDHAT |
| https://github.com/hercules-team/augeas/commit/b8de6a8c | x_refsource_CONFIRM |
Date Public
2012-12-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:38:14.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55811"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://augeas.net/news.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772261"
},
{
"name": "RHSA-2013:1537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/hercules-team/augeas/commit/b8de6a8c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The clone_file function in transfer.c in Augeas before 1.0.0, when copy_if_rename_fails is set and EXDEV or EBUSY is returned by the rename function, allows local users to overwrite arbitrary files and obtain sensitive information via a bind mount on the (1) .augsave or (2) destination file when using the backup save option, or (3) .augnew file when using the newfile save option."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-23T18:28:53.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "55811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55811"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://augeas.net/news.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772261"
},
{
"name": "RHSA-2013:1537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/hercules-team/augeas/commit/b8de6a8c"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0787",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The clone_file function in transfer.c in Augeas before 1.0.0, when copy_if_rename_fails is set and EXDEV or EBUSY is returned by the rename function, allows local users to overwrite arbitrary files and obtain sensitive information via a bind mount on the (1) .augsave or (2) destination file when using the backup save option, or (3) .augnew file when using the newfile save option."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55811",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55811"
},
{
"name": "http://augeas.net/news.html",
"refsource": "CONFIRM",
"url": "http://augeas.net/news.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=772261",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772261"
},
{
"name": "RHSA-2013:1537",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
},
{
"name": "https://github.com/hercules-team/augeas/commit/b8de6a8c",
"refsource": "CONFIRM",
"url": "https://github.com/hercules-team/augeas/commit/b8de6a8c"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0787",
"datePublished": "2013-11-23T18:00:00.000Z",
"dateReserved": "2012-01-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:38:14.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}