CVE-2013-6433

Priority
Medium
Description
The default configuration in the Red Hat openstack-neutron package before
2013.2.3-7 does not properly set a configuration file for rootwrap, which
allows remote attackers to gain privileges via a crafted configuration
file.
References
Bugs
Notes
 jdstrand> medium because while the issue is privilege escalation, it requires
  another flaw to exploit
 jdstrand> the Ubuntu 14.10 1:2014.2~b1-0ubuntu3 upload mistakenly references
  CVE-2013-1068
Package
Upstream:not-affected
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:not-affected
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (1:2014.1-0ubuntu1.3)
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:42:06 UTC (commit 9756)