Vulnerability Details CVE-2013-7172
Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.4%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- http://www.openwall.com/lists/oss-security/2013/12/20/1
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7172
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89916
- https://security-tracker.debian.org/tracker/CVE-2013-7172
- http://www.openwall.com/lists/oss-security/2013/12/20/1
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-7172
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89916
- https://security-tracker.debian.org/tracker/CVE-2013-7172
Products affected by CVE-2013-7172
-
cpe:2.3:o:slackware:slackware_linux:13.1
-
cpe:2.3:o:slackware:slackware_linux:13.37
-
cpe:2.3:o:slackware:slackware_linux:14.0
-
cpe:2.3:o:slackware:slackware_linux:14.1