CVE-2013-0261

Openstack Essex - Access Control

Title source: rule

Description

(1) installer/basedefs.py and (2) modules/ospluginutils.py in PackStack allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.

References (2)

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2013-0595.html

[Issue Tracking] https://bugzilla.redhat.com/show_bug.cgi?id=908101

Scores

EPSS 0.0005

EPSS Percentile 16.5%

Classification

CWE

CWE-264

Status draft

Affected Products (2)

openstack/essex

openstack/folsom

Timeline

Published Mar 08, 2013

Tracked Since Feb 18, 2026