SB2013112307 - Multiple vulnerabilities in Augeas

Description

This security bulletin contains information about 2 vulnerabilities.

1) Path traversal (CVE-ID: CVE-2012-6607)

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786.

2) Link following (CVE-ID: CVE-2012-0786)

CWE-ID: CWE-59 - Improper Link Resolution Before File Access ('Link Following')

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file.

Remediation

Install update from vendor's website.

References

• http://augeas.net/news.html
• http://rhn.redhat.com/errata/RHSA-2013-1537.html
• http://secunia.com/advisories/55811
• https://bugzilla.redhat.com/show_bug.cgi?id=772257
• https://github.com/hercules-team/augeas/commit/16387744