CVE-2013-4259 — Use of Insufficiently Random Values in Redhat Ansible

CWE-264 CWE-330 — Use of Insufficiently Random Values9 documents6 sources

Severity

1.9LOWNVD

EPSS

0.1%

top 84.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Ansible

Timeline

PublishedSep 16

Latest updateMay 14

Description

runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp/.

CVSS vector

AV:L/AC:M/C:P/I:N/A:NExploitability: 3.4 | Impact: 2.9

Affected Packages3 packages

▶PyPIredhat/ansible< 1.2.3

▶Debianredhat/ansible< 1.3.4+dfsg-1+3

▶NVDredhat/ansible1.2.2

Patches

Patch: bugzilla.redhat.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

OSV

Ansible uses a socket with predictable filename in /tmp↗2022-05-14

▶

GHSA

Ansible uses a socket with predictable filename in /tmp↗2022-05-14

▶

CVEList

CVE-2013-4259: runner/connection_plugins/ssh↗2013-09-16

▶

OSV

CVE-2013-4259: runner/connection_plugins/ssh↗2013-09-16

▶

📋Vendor Advisories

Debian

CVE-2013-4259: ansible - runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ControlPers...↗2013

▶

💬Community

Bugzilla

CVE-2013-4259 ansible: insecure location for ssh ControlMaster socket [epel-6]↗2013-08-27

▶

Bugzilla

CVE-2013-4259 CVE-2013-4260 ansible: various flaws [fedora-all]↗2013-08-21

▶

Bugzilla

CVE-2013-4259 ansible: insecure location for ssh ControlMaster socket↗2013-08-18

▶