CVE-2016-3096 — Link Following in Redhat Ansible

CWE-59 — Link Following10 documents7 sources

Severity

7.8HIGHNVD

EPSS

0.0%

top 89.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Ansible Fedoraproject Fedora

Timeline

PublishedJun 3

Latest updateOct 10

Description

The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶PyPIredhat/ansible2.0.0.0 — 2.0.2.0+1

▶Debianredhat/ansible< 2.0.1.0-2+3

▶NVDredhat/ansible1.9.6+2

Also affects: Fedora 22, 23, 24

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

Link Following in ansible↗2018-10-10

▶

GHSA

Link Following in ansible↗2018-10-10

▶

CVEList

CVE-2016-3096: The create_script function in the lxc_container module in Ansible before 1↗2016-06-03

▶

OSV

CVE-2016-3096: The create_script function in the lxc_container module in Ansible before 1↗2016-06-03

▶

📋Vendor Advisories

Red Hat

ansible: Code execution vulnerability in lxc_container↗2016-03-31

▶

Debian

CVE-2016-3096: ansible - The create_script function in the lxc_container module in Ansible before 1.9.6-1...↗2016

▶

💬Community

Bugzilla

CVE-2016-3096 lxc: Code execution vulnerability in ansible lxc_container [fedora-all]↗2016-03-31

▶

Bugzilla

CVE-2016-3096 ansible: Code execution vulnerability in lxc_container↗2016-03-31

▶

Bugzilla

CVE-2016-3096 lxc: Code execution vulnerability in ansible lxc_container [epel-all]↗2016-03-31

▶