CVE-2013-6412

EPSS 0.04%

Published: 1/23/2014Modified: 4/28/2026

Also known as:DEBIAN-CVE-2013-6412

Description

The transform_save function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a "7," which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors.

Affected packages (1)

Debian/augeasfrom 0, < 1.2.0-0.1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-6412