Vulnerability Description
Race condition in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages in libreswan 3.6 has unspecified impact and attack vectors, involving the /var/tmp/libreswan-nss-pwd temporary file.
CVSS Score
9.3
HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Libreswan | Libreswan | 3.6 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/56276Vendor Advisory
- http://www.osvdb.org/101575
- https://github.com/libreswan/libreswan/commit/ef2d756e73a188401c36133c2e2f7ce4f3ExploitPatch
- https://lists.libreswan.org/pipermail/swan-announce/2013/000007.htmlVendor Advisory
- http://secunia.com/advisories/56276Vendor Advisory
- http://www.osvdb.org/101575
- https://github.com/libreswan/libreswan/commit/ef2d756e73a188401c36133c2e2f7ce4f3ExploitPatch
- https://lists.libreswan.org/pipermail/swan-announce/2013/000007.htmlVendor Advisory
FAQ
What is CVE-2013-7283?
CVE-2013-7283 is a vulnerability with a CVSS score of 9.3 (HIGH). Race condition in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages in libreswan 3.6 has unspecified impact and attack vectors, involving the /var/tmp/libreswan-nss-pwd ...
How severe is CVE-2013-7283?
CVE-2013-7283 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-7283?
Check the references section above for vendor advisories and patch information. Affected products include: Libreswan Libreswan.