CVE-2013-4159

ctdb < 2.3 - Insecure Temporary File Creation

Title source: llm
STIX 2.1

Description

ctdb before 2.3 in OpenSUSE 12.3 and 13.1 does not create temporary files securely, which has unspecified impact related to "several temp file vulnerabilities" in (1) tcp/tcp_connect.c, (2) server/eventscript.c, (3) tools/ctdb_diagnostics, (4) config/gdb_backtrace, and (5) include/ctdb_private.h.

References (7)

Core 7
Core References
Third Party Advisory x_refsource_misc
http://wiki.samba.org/index.php/CTDB2releaseNotes#ctdb_2.5
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=986773
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2015:177
Vendor Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2014-06/msg00052.html
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2014/05/29/12
Third Party Advisory x_refsource_confirm
http://advisories.mageia.org/MGASA-2014-0274.html

Scores

EPSS 0.0237
EPSS Percentile 81.9%

Details

CWE
CWE-264
Status published
Products (7)
ctdb_project/ctdb 2.0
ctdb_project/ctdb 2.1
ctdb_project/ctdb < 2.2
mageia/mageia 3.0
mageia/mageia 4.0
opensuse/opensuse 12.3
opensuse/opensuse 13.1
Published Aug 06, 2014
Tracked Since Feb 18, 2026