MGASA-2013-0158

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2013-0158.html

Import Source

https://advisories.mageia.org/MGASA-2013-0158.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2013-0158

Related

CVE-2013-0219

Published

2013-06-06T12:24:33Z

Modified

2013-06-18T15:55:08Z

Summary

Updated sssd packages fix security vulnerability

Details

A TOCTOU (time-of-check time-of-use) race condition was found in the way SSSD, System Security Services Daemon, performed copying and removal of (user) directory trees.A local attacker, with permissions to write into directory of the victim, being actively / currently copied / removed via the sssd daemon facility, could use this flaw to conduct symbolic link attacks, leading to their ability to alter / remove directories outside of originally intended, to be modified, directory tree (CVE-2013-0219).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2013-0158

Affected packages