Vulnerabilites related to augeas - augeas
CVE-2012-0786 (GCVE-0-2012-0786)
Vulnerability from cvelistv5
Published
2013-11-23 18:00
Modified
2024-08-06 18:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:38:14.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/hercules-team/augeas/commit/16387744"
},
{
"name": "55811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55811"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://augeas.net/news.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772257"
},
{
"name": "RHSA-2013:1537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-23T00:57:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/hercules-team/augeas/commit/16387744"
},
{
"name": "55811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55811"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://augeas.net/news.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772257"
},
{
"name": "RHSA-2013:1537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0786",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/hercules-team/augeas/commit/16387744",
"refsource": "CONFIRM",
"url": "https://github.com/hercules-team/augeas/commit/16387744"
},
{
"name": "55811",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55811"
},
{
"name": "http://augeas.net/news.html",
"refsource": "CONFIRM",
"url": "http://augeas.net/news.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=772257",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772257"
},
{
"name": "RHSA-2013:1537",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0786",
"datePublished": "2013-11-23T18:00:00",
"dateReserved": "2012-01-19T00:00:00",
"dateUpdated": "2024-08-06T18:38:14.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2588 (GCVE-0-2025-2588)
Vulnerability from cvelistv5
Published
2025-03-21 12:00
Modified
2025-03-21 17:24
Severity ?
4.8 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3.3 (Low) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3.3 (Low) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
VLAI Severity ?
EPSS score ?
Summary
A vulnerability has been found in Hercules Augeas 1.14.1 and classified as problematic. This vulnerability affects the function re_case_expand of the file src/fa.c. The manipulation of the argument re leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2588",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-21T17:24:34.308971Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-21T17:24:55.111Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/hercules-team/augeas/issues/852#issue-2905999609"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Augeas",
"vendor": "Hercules",
"versions": [
{
"status": "affected",
"version": "1.14.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Hercules Augeas 1.14.1 and classified as problematic. This vulnerability affects the function re_case_expand of the file src/fa.c. The manipulation of the argument re leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used."
},
{
"lang": "de",
"value": "In Hercules Augeas 1.14.1 wurde eine problematische Schwachstelle gefunden. Dabei geht es um die Funktion re_case_expand der Datei src/fa.c. Durch Manipulation des Arguments re mit unbekannten Daten kann eine null pointer dereference-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-21T12:00:10.758Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-300568 | Hercules Augeas fa.c re_case_expand null pointer dereference",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.300568"
},
{
"name": "VDB-300568 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.300568"
},
{
"name": "Submit #517281 | https://github.com/hercules-team/augeas augeas 1.14.1 NULL Pointer Dereference",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.517281"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/hercules-team/augeas/issues/852"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/hercules-team/augeas/issues/852#issue-2905999609"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-21T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-03-21T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-03-21T07:37:32.000Z",
"value": "VulDB entry last update"
}
],
"title": "Hercules Augeas fa.c re_case_expand null pointer dereference"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-2588",
"datePublished": "2025-03-21T12:00:10.758Z",
"dateReserved": "2025-03-21T06:32:24.166Z",
"dateUpdated": "2025-03-21T17:24:55.111Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7555 (GCVE-0-2017-7555)
Vulnerability from cvelistv5
Published
2017-08-17 19:00
Modified
2024-09-17 02:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Red Hat, Inc. | augeas |
Version: up to and including 1.8.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:12.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://puppet.com/security/cve/cve-2017-7555"
},
{
"name": "100378",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100378"
},
{
"name": "RHSA-2017:2788",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2788"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/hercules-team/augeas/pull/480"
},
{
"name": "DSA-3949",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3949"
},
{
"name": "RHSA-2019:2403",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2403"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "augeas",
"vendor": "Red Hat, Inc.",
"versions": [
{
"status": "affected",
"version": "up to and including 1.8.0"
}
]
}
],
"datePublic": "2017-08-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-07T13:06:20",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://puppet.com/security/cve/cve-2017-7555"
},
{
"name": "100378",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100378"
},
{
"name": "RHSA-2017:2788",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2788"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/hercules-team/augeas/pull/480"
},
{
"name": "DSA-3949",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3949"
},
{
"name": "RHSA-2019:2403",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2403"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2017-08-17T00:00:00",
"ID": "CVE-2017-7555",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "augeas",
"version": {
"version_data": [
{
"version_value": "up to and including 1.8.0"
}
]
}
}
]
},
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://puppet.com/security/cve/cve-2017-7555",
"refsource": "CONFIRM",
"url": "https://puppet.com/security/cve/cve-2017-7555"
},
{
"name": "100378",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100378"
},
{
"name": "RHSA-2017:2788",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2788"
},
{
"name": "https://github.com/hercules-team/augeas/pull/480",
"refsource": "MISC",
"url": "https://github.com/hercules-team/augeas/pull/480"
},
{
"name": "DSA-3949",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3949"
},
{
"name": "RHSA-2019:2403",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2403"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-7555",
"datePublished": "2017-08-17T19:00:00Z",
"dateReserved": "2017-04-05T00:00:00",
"dateUpdated": "2024-09-17T02:36:08.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-6607 (GCVE-0-2012-6607)
Vulnerability from cvelistv5
Published
2013-11-23 18:00
Modified
2024-08-06 21:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:36:01.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/hercules-team/augeas/commit/16387744"
},
{
"name": "55811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55811"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://augeas.net/news.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772257"
},
{
"name": "RHSA-2013:1537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-23T00:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/hercules-team/augeas/commit/16387744"
},
{
"name": "55811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55811"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://augeas.net/news.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772257"
},
{
"name": "RHSA-2013:1537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-6607",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/hercules-team/augeas/commit/16387744",
"refsource": "CONFIRM",
"url": "https://github.com/hercules-team/augeas/commit/16387744"
},
{
"name": "55811",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55811"
},
{
"name": "http://augeas.net/news.html",
"refsource": "CONFIRM",
"url": "http://augeas.net/news.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=772257",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772257"
},
{
"name": "RHSA-2013:1537",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-6607",
"datePublished": "2013-11-23T18:00:00",
"dateReserved": "2013-11-23T00:00:00",
"dateUpdated": "2024-08-06T21:36:01.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0787 (GCVE-0-2012-0787)
Vulnerability from cvelistv5
Published
2013-11-23 18:00
Modified
2024-08-06 18:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The clone_file function in transfer.c in Augeas before 1.0.0, when copy_if_rename_fails is set and EXDEV or EBUSY is returned by the rename function, allows local users to overwrite arbitrary files and obtain sensitive information via a bind mount on the (1) .augsave or (2) destination file when using the backup save option, or (3) .augnew file when using the newfile save option.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:38:14.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55811"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://augeas.net/news.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772261"
},
{
"name": "RHSA-2013:1537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/hercules-team/augeas/commit/b8de6a8c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The clone_file function in transfer.c in Augeas before 1.0.0, when copy_if_rename_fails is set and EXDEV or EBUSY is returned by the rename function, allows local users to overwrite arbitrary files and obtain sensitive information via a bind mount on the (1) .augsave or (2) destination file when using the backup save option, or (3) .augnew file when using the newfile save option."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-23T18:28:53",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "55811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55811"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://augeas.net/news.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772261"
},
{
"name": "RHSA-2013:1537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/hercules-team/augeas/commit/b8de6a8c"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0787",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The clone_file function in transfer.c in Augeas before 1.0.0, when copy_if_rename_fails is set and EXDEV or EBUSY is returned by the rename function, allows local users to overwrite arbitrary files and obtain sensitive information via a bind mount on the (1) .augsave or (2) destination file when using the backup save option, or (3) .augnew file when using the newfile save option."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55811",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55811"
},
{
"name": "http://augeas.net/news.html",
"refsource": "CONFIRM",
"url": "http://augeas.net/news.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=772261",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772261"
},
{
"name": "RHSA-2013:1537",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
},
{
"name": "https://github.com/hercules-team/augeas/commit/b8de6a8c",
"refsource": "CONFIRM",
"url": "https://github.com/hercules-team/augeas/commit/b8de6a8c"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0787",
"datePublished": "2013-11-23T18:00:00",
"dateReserved": "2012-01-19T00:00:00",
"dateUpdated": "2024-08-06T18:38:14.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-6412 (GCVE-0-2013-6412)
Vulnerability from cvelistv5
Published
2014-01-23 00:00
Modified
2024-08-06 17:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The transform_save function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a "7," which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:39:01.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/hercules-team/augeas/pull/58"
},
{
"name": "RHSA-2014:0044",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0044.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1034261"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/hercules-team/augeas/commit/f5b4fc0c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The transform_save function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a \"7,\" which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-22T23:57:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/hercules-team/augeas/pull/58"
},
{
"name": "RHSA-2014:0044",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0044.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1034261"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/hercules-team/augeas/commit/f5b4fc0c"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-6412",
"datePublished": "2014-01-23T00:00:00",
"dateReserved": "2013-11-04T00:00:00",
"dateUpdated": "2024-08-06T17:39:01.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2017-08-17 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:augeas:augeas:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E6A5F03-A1F0-42AC-BBCF-A37EC722618A",
"versionEndIncluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. Attacker could send crafted strings that would cause the application using augeas to copy past the end of a buffer, leading to a crash or possible code execution."
},
{
"lang": "es",
"value": "Augeas en sus versiones hasta la 1.8.0 (esta incluida) es vulnerable a un desbordamiento de b\u00fafer basado en memoria din\u00e1mica debido a una gesti\u00f3n indebida de strings escapados. Un atacante podr\u00eda enviar strings manipulados que har\u00edan que la aplicaci\u00f3n que emplea Augeas copie y pegue el final de un b\u00fafer, provocando un bloqueo o una posible ejecuci\u00f3n de c\u00f3digo."
}
],
"id": "CVE-2017-7555",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-17T19:29:00.223",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2017/dsa-3949"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100378"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2017:2788"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2019:2403"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/hercules-team/augeas/pull/480"
},
{
"source": "secalert@redhat.com",
"url": "https://puppet.com/security/cve/cve-2017-7555"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3949"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:2788"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:2403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/hercules-team/augeas/pull/480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://puppet.com/security/cve/cve-2017-7555"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-01-23 00:55
Modified
2025-04-11 00:51
Severity ?
Summary
The transform_save function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a "7," which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:augeas:augeas:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C456C2-ED81-4302-9D6E-7D5803055CB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F91C6AF0-B527-43B1-9BBC-DD978768B32A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The transform_save function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a \"7,\" which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors."
},
{
"lang": "es",
"value": "La funci\u00f3n transform_save en transform.c de Augeas 1.0.0 hasta la versi\u00f3n 1.1.0 no calcula adecuadamente los valores de permiso cuando umask contiene un \"7,\", lo que desencadena permisos world-writable para ser usados por nuevos archivos y permite a usuarios locales modificar los archivos a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2013-6412",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-01-23T00:55:03.300",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0044.html"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1034261"
},
{
"source": "secalert@redhat.com",
"url": "https://github.com/hercules-team/augeas/commit/f5b4fc0c"
},
{
"source": "secalert@redhat.com",
"url": "https://github.com/hercules-team/augeas/pull/58"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0044.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1034261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/hercules-team/augeas/commit/f5b4fc0c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/hercules-team/augeas/pull/58"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-23 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| augeas | augeas | * | |
| augeas | augeas | 0.0.1 | |
| augeas | augeas | 0.0.2 | |
| augeas | augeas | 0.0.3 | |
| augeas | augeas | 0.0.4 | |
| augeas | augeas | 0.0.5 | |
| augeas | augeas | 0.0.6 | |
| augeas | augeas | 0.0.7 | |
| augeas | augeas | 0.0.8 | |
| augeas | augeas | 0.1.0 | |
| augeas | augeas | 0.1.1 | |
| augeas | augeas | 0.2.0 | |
| augeas | augeas | 0.2.1 | |
| augeas | augeas | 0.2.2 | |
| augeas | augeas | 0.3.0 | |
| augeas | augeas | 0.3.1 | |
| augeas | augeas | 0.3.2 | |
| augeas | augeas | 0.3.3 | |
| augeas | augeas | 0.3.4 | |
| augeas | augeas | 0.3.5 | |
| augeas | augeas | 0.3.6 | |
| augeas | augeas | 0.4.0 | |
| augeas | augeas | 0.4.1 | |
| augeas | augeas | 0.4.2 | |
| augeas | augeas | 0.5.0 | |
| augeas | augeas | 0.5.1 | |
| augeas | augeas | 0.5.2 | |
| augeas | augeas | 0.5.3 | |
| augeas | augeas | 0.6.0 | |
| augeas | augeas | 0.7.0 | |
| augeas | augeas | 0.7.1 | |
| augeas | augeas | 0.7.2 | |
| augeas | augeas | 0.7.3 | |
| augeas | augeas | 0.7.4 | |
| augeas | augeas | 0.8.0 | |
| augeas | augeas | 0.8.1 | |
| augeas | augeas | 0.9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:augeas:augeas:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D979BDB9-28B0-400D-B65E-9B548BCDA69F",
"versionEndIncluding": "0.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBD72801-1F4D-4BA5-AB75-8BC61B646E63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "57C1BEAB-B9DA-43F9-A2B0-BA55C957308D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DAEA5E15-B664-4D81-B5D9-1E8A126B553B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "54FD4113-4C32-4D58-A42A-5F8F203042EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C10430FE-B34E-454D-8F67-9F31FB8AE1A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9DE3B830-29A4-49A5-9EB2-87D02C306E9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B59B7BD0-020B-426E-9024-0E8BB75751DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B62FE3CD-E3F6-4D52-8ABF-04C747D0EDDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "063D64F9-5559-49EA-BD71-DAD5C2AA1EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E693B26-C911-44EF-861C-C4C4B970E28E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE410BD-F883-46B5-8CF2-3AB6C7B64367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD5BF14-EFF5-4099-A886-FB9629B91D2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C43D1EBC-3730-432F-B80A-6E4738A72B20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6531B2D8-A14E-4B3F-A000-35123196A731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E1AADCF-31E0-444A-ADBF-59CC9F1FE989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB56B2E7-E72D-4D6D-A47D-2B4CB18F95C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10D5AC52-FC81-4136-A867-FD236AB18BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "74872B68-0D2F-41D6-A287-1F2428280608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F6AD2B6A-9858-4B0D-B937-4D209C31596E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4C5210B9-7A79-4800-ABF8-62DC41786933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2937BD47-29F3-4C5C-96B2-E5CE512ACC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D1BF93A5-9D16-4D6B-81C4-37E217FCB6C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9670552D-DB24-476D-97F0-F90BB56803DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3463B564-C4CF-4D6E-A415-F165E5FE92E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1BD280E-F528-49D6-87B9-C1DFBDC70ACF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0B228890-0871-4A07-9F72-8AE0926CC68B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "183E51ED-C320-412D-AB1E-EF592FD364B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6822D53A-76BD-4B8F-8F5C-0FB28FF2975C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6581E1FA-8915-4BA6-AA15-56BFF377162B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "516C852C-1D84-406D-8C33-C097B70DD315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F5ECEE7-069F-4300-A478-9D30EC1FB8DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7B846820-5FB9-416A-8CC2-7CE8248080B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4C8832D6-1513-4EFC-A1DB-80AB6821AE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A29D0C3D-F960-46B3-85AD-28D5A0BEB97E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "41FD1FB8-7875-414F-9E37-023C27964AC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B301BB9A-2AD9-4860-894E-B82EA35AF3AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786."
},
{
"lang": "es",
"value": "La funci\u00f3n transform_save en el archivo transform.c en Augeas anterior a versi\u00f3n 1.0.0, permite a los usuarios locales sobrescribir archivos arbitrarios y obtener informaci\u00f3n confidencial mediante un ataque de enlace simb\u00f3lico sobre un archivo .augsave en una acci\u00f3n de copia de seguridad, un vector diferente del CVE-2012-0786."
}
],
"id": "CVE-2012-6607",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-23T18:55:04.110",
"references": [
{
"source": "cve@mitre.org",
"url": "http://augeas.net/news.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55811"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772257"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/hercules-team/augeas/commit/16387744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://augeas.net/news.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55811"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/hercules-team/augeas/commit/16387744"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-23 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| augeas | augeas | * | |
| augeas | augeas | 0.0.1 | |
| augeas | augeas | 0.0.2 | |
| augeas | augeas | 0.0.3 | |
| augeas | augeas | 0.0.4 | |
| augeas | augeas | 0.0.5 | |
| augeas | augeas | 0.0.6 | |
| augeas | augeas | 0.0.7 | |
| augeas | augeas | 0.0.8 | |
| augeas | augeas | 0.1.0 | |
| augeas | augeas | 0.1.1 | |
| augeas | augeas | 0.2.0 | |
| augeas | augeas | 0.2.1 | |
| augeas | augeas | 0.2.2 | |
| augeas | augeas | 0.3.0 | |
| augeas | augeas | 0.3.1 | |
| augeas | augeas | 0.3.2 | |
| augeas | augeas | 0.3.3 | |
| augeas | augeas | 0.3.4 | |
| augeas | augeas | 0.3.5 | |
| augeas | augeas | 0.3.6 | |
| augeas | augeas | 0.4.0 | |
| augeas | augeas | 0.4.1 | |
| augeas | augeas | 0.4.2 | |
| augeas | augeas | 0.5.0 | |
| augeas | augeas | 0.5.1 | |
| augeas | augeas | 0.5.2 | |
| augeas | augeas | 0.5.3 | |
| augeas | augeas | 0.6.0 | |
| augeas | augeas | 0.7.0 | |
| augeas | augeas | 0.7.1 | |
| augeas | augeas | 0.7.2 | |
| augeas | augeas | 0.7.3 | |
| augeas | augeas | 0.7.4 | |
| augeas | augeas | 0.8.0 | |
| augeas | augeas | 0.8.1 | |
| augeas | augeas | 0.9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:augeas:augeas:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D979BDB9-28B0-400D-B65E-9B548BCDA69F",
"versionEndIncluding": "0.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBD72801-1F4D-4BA5-AB75-8BC61B646E63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "57C1BEAB-B9DA-43F9-A2B0-BA55C957308D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DAEA5E15-B664-4D81-B5D9-1E8A126B553B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "54FD4113-4C32-4D58-A42A-5F8F203042EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C10430FE-B34E-454D-8F67-9F31FB8AE1A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9DE3B830-29A4-49A5-9EB2-87D02C306E9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B59B7BD0-020B-426E-9024-0E8BB75751DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B62FE3CD-E3F6-4D52-8ABF-04C747D0EDDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "063D64F9-5559-49EA-BD71-DAD5C2AA1EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E693B26-C911-44EF-861C-C4C4B970E28E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE410BD-F883-46B5-8CF2-3AB6C7B64367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD5BF14-EFF5-4099-A886-FB9629B91D2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C43D1EBC-3730-432F-B80A-6E4738A72B20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6531B2D8-A14E-4B3F-A000-35123196A731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E1AADCF-31E0-444A-ADBF-59CC9F1FE989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB56B2E7-E72D-4D6D-A47D-2B4CB18F95C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10D5AC52-FC81-4136-A867-FD236AB18BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "74872B68-0D2F-41D6-A287-1F2428280608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F6AD2B6A-9858-4B0D-B937-4D209C31596E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4C5210B9-7A79-4800-ABF8-62DC41786933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2937BD47-29F3-4C5C-96B2-E5CE512ACC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D1BF93A5-9D16-4D6B-81C4-37E217FCB6C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9670552D-DB24-476D-97F0-F90BB56803DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3463B564-C4CF-4D6E-A415-F165E5FE92E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1BD280E-F528-49D6-87B9-C1DFBDC70ACF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0B228890-0871-4A07-9F72-8AE0926CC68B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "183E51ED-C320-412D-AB1E-EF592FD364B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6822D53A-76BD-4B8F-8F5C-0FB28FF2975C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6581E1FA-8915-4BA6-AA15-56BFF377162B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "516C852C-1D84-406D-8C33-C097B70DD315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F5ECEE7-069F-4300-A478-9D30EC1FB8DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7B846820-5FB9-416A-8CC2-7CE8248080B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4C8832D6-1513-4EFC-A1DB-80AB6821AE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A29D0C3D-F960-46B3-85AD-28D5A0BEB97E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "41FD1FB8-7875-414F-9E37-023C27964AC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B301BB9A-2AD9-4860-894E-B82EA35AF3AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file."
},
{
"lang": "es",
"value": "La funci\u00f3n transform_save en el archivo transform.c en Augeas anterior a versi\u00f3n 1.0.0, permite a los usuarios locales sobrescribir archivos arbitrarios y obtener informaci\u00f3n confidencial mediante un ataque de enlace simb\u00f3lico sobre un archivo .augnew."
}
],
"id": "CVE-2012-0786",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-23T18:55:04.063",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://augeas.net/news.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55811"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772257"
},
{
"source": "secalert@redhat.com",
"url": "https://github.com/hercules-team/augeas/commit/16387744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://augeas.net/news.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55811"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/hercules-team/augeas/commit/16387744"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-23 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
The clone_file function in transfer.c in Augeas before 1.0.0, when copy_if_rename_fails is set and EXDEV or EBUSY is returned by the rename function, allows local users to overwrite arbitrary files and obtain sensitive information via a bind mount on the (1) .augsave or (2) destination file when using the backup save option, or (3) .augnew file when using the newfile save option.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux | 6.0 | |
| augeas | augeas | * | |
| augeas | augeas | 0.0.1 | |
| augeas | augeas | 0.0.2 | |
| augeas | augeas | 0.0.3 | |
| augeas | augeas | 0.0.4 | |
| augeas | augeas | 0.0.5 | |
| augeas | augeas | 0.0.6 | |
| augeas | augeas | 0.0.7 | |
| augeas | augeas | 0.0.8 | |
| augeas | augeas | 0.1.0 | |
| augeas | augeas | 0.1.1 | |
| augeas | augeas | 0.2.0 | |
| augeas | augeas | 0.2.1 | |
| augeas | augeas | 0.2.2 | |
| augeas | augeas | 0.3.0 | |
| augeas | augeas | 0.3.1 | |
| augeas | augeas | 0.3.2 | |
| augeas | augeas | 0.3.3 | |
| augeas | augeas | 0.3.4 | |
| augeas | augeas | 0.3.5 | |
| augeas | augeas | 0.3.6 | |
| augeas | augeas | 0.4.0 | |
| augeas | augeas | 0.4.1 | |
| augeas | augeas | 0.4.2 | |
| augeas | augeas | 0.5.0 | |
| augeas | augeas | 0.5.1 | |
| augeas | augeas | 0.5.2 | |
| augeas | augeas | 0.5.3 | |
| augeas | augeas | 0.6.0 | |
| augeas | augeas | 0.7.0 | |
| augeas | augeas | 0.7.1 | |
| augeas | augeas | 0.7.2 | |
| augeas | augeas | 0.7.3 | |
| augeas | augeas | 0.7.4 | |
| augeas | augeas | 0.8.0 | |
| augeas | augeas | 0.8.1 | |
| augeas | augeas | 0.9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:augeas:augeas:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D979BDB9-28B0-400D-B65E-9B548BCDA69F",
"versionEndIncluding": "0.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CBD72801-1F4D-4BA5-AB75-8BC61B646E63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "57C1BEAB-B9DA-43F9-A2B0-BA55C957308D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DAEA5E15-B664-4D81-B5D9-1E8A126B553B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "54FD4113-4C32-4D58-A42A-5F8F203042EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C10430FE-B34E-454D-8F67-9F31FB8AE1A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9DE3B830-29A4-49A5-9EB2-87D02C306E9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B59B7BD0-020B-426E-9024-0E8BB75751DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B62FE3CD-E3F6-4D52-8ABF-04C747D0EDDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "063D64F9-5559-49EA-BD71-DAD5C2AA1EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E693B26-C911-44EF-861C-C4C4B970E28E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE410BD-F883-46B5-8CF2-3AB6C7B64367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BD5BF14-EFF5-4099-A886-FB9629B91D2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C43D1EBC-3730-432F-B80A-6E4738A72B20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6531B2D8-A14E-4B3F-A000-35123196A731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E1AADCF-31E0-444A-ADBF-59CC9F1FE989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB56B2E7-E72D-4D6D-A47D-2B4CB18F95C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10D5AC52-FC81-4136-A867-FD236AB18BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "74872B68-0D2F-41D6-A287-1F2428280608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F6AD2B6A-9858-4B0D-B937-4D209C31596E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4C5210B9-7A79-4800-ABF8-62DC41786933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2937BD47-29F3-4C5C-96B2-E5CE512ACC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D1BF93A5-9D16-4D6B-81C4-37E217FCB6C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9670552D-DB24-476D-97F0-F90BB56803DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3463B564-C4CF-4D6E-A415-F165E5FE92E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1BD280E-F528-49D6-87B9-C1DFBDC70ACF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0B228890-0871-4A07-9F72-8AE0926CC68B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "183E51ED-C320-412D-AB1E-EF592FD364B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6822D53A-76BD-4B8F-8F5C-0FB28FF2975C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6581E1FA-8915-4BA6-AA15-56BFF377162B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "516C852C-1D84-406D-8C33-C097B70DD315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F5ECEE7-069F-4300-A478-9D30EC1FB8DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7B846820-5FB9-416A-8CC2-7CE8248080B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4C8832D6-1513-4EFC-A1DB-80AB6821AE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A29D0C3D-F960-46B3-85AD-28D5A0BEB97E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "41FD1FB8-7875-414F-9E37-023C27964AC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:augeas:augeas:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B301BB9A-2AD9-4860-894E-B82EA35AF3AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The clone_file function in transfer.c in Augeas before 1.0.0, when copy_if_rename_fails is set and EXDEV or EBUSY is returned by the rename function, allows local users to overwrite arbitrary files and obtain sensitive information via a bind mount on the (1) .augsave or (2) destination file when using the backup save option, or (3) .augnew file when using the newfile save option."
},
{
"lang": "es",
"value": "La funci\u00f3n clone_file en transfer.c de Augeas anterior a la versi\u00f3n 1.0.0 cuando se establece EXDEV o EBUSY en copy_if_rename_fails es devuelto por la funci\u00f3n rename, permite a usuarios locales sobreescribir archivos arbitrarios y obtener informaci\u00f3n sensible a trav\u00e9s de un bind mount en (1) .augsave o (2) el archivo de destino cuando se usa la opci\u00f3n de guardado de copia de seguridad, o (3) el archivo .augnew cuando se usa la opci\u00f3n de guardado newfile."
}
],
"id": "CVE-2012-0787",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-11-23T18:55:04.093",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://augeas.net/news.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55811"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772261"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "https://github.com/hercules-team/augeas/commit/b8de6a8c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://augeas.net/news.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1537.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55811"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "https://github.com/hercules-team/augeas/commit/b8de6a8c"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-03-21 12:15
Modified
2025-04-01 20:24
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Summary
A vulnerability has been found in Hercules Augeas 1.14.1 and classified as problematic. This vulnerability affects the function re_case_expand of the file src/fa.c. The manipulation of the argument re leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cna@vuldb.com | https://github.com/hercules-team/augeas/issues/852 | Exploit, Issue Tracking | |
| cna@vuldb.com | https://github.com/hercules-team/augeas/issues/852#issue-2905999609 | Exploit, Issue Tracking | |
| cna@vuldb.com | https://vuldb.com/?ctiid.300568 | Permissions Required, VDB Entry | |
| cna@vuldb.com | https://vuldb.com/?id.300568 | Permissions Required, VDB Entry | |
| cna@vuldb.com | https://vuldb.com/?submit.517281 | Third Party Advisory, VDB Entry | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://github.com/hercules-team/augeas/issues/852#issue-2905999609 | Exploit, Issue Tracking |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:augeas:augeas:1.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79129F88-24DC-467E-9ED8-5689245CEE32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Hercules Augeas 1.14.1 and classified as problematic. This vulnerability affects the function re_case_expand of the file src/fa.c. The manipulation of the argument re leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en Hercules Augeas 1.14.1, clasificada como problem\u00e1tica. Esta vulnerabilidad afecta a la funci\u00f3n re_case_expand del archivo src/fa.c. La manipulaci\u00f3n del argumento re provoca la desreferenciaci\u00f3n de puntero nulo. Es necesario realizar ataques locales. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"id": "CVE-2025-2588",
"lastModified": "2025-04-01T20:24:28.240",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "cna@vuldb.com",
"type": "Secondary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "cna@vuldb.com",
"type": "Secondary"
}
]
},
"published": "2025-03-21T12:15:26.553",
"references": [
{
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://github.com/hercules-team/augeas/issues/852"
},
{
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://github.com/hercules-team/augeas/issues/852#issue-2905999609"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
],
"url": "https://vuldb.com/?ctiid.300568"
},
{
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
],
"url": "https://vuldb.com/?id.300568"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://vuldb.com/?submit.517281"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://github.com/hercules-team/augeas/issues/852#issue-2905999609"
}
],
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-404"
},
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "cna@vuldb.com",
"type": "Primary"
}
]
}