CVE-2013-1057

Publication date 18 September 2013

Last updated 24 July 2024

Ubuntu priority

Untrusted search path vulnerability in maas-import-pxe-files in MAAS before 13.10 allows local users to execute arbitrary code via a Trojan horse import_pxe_files configuration file in the current working directory.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
maas	13.10 saucy	Not affected
	13.04 raring	Fixed 1.3+bzr1461+dfsg-0ubuntu2.3
	12.10 quantal	Fixed 1.2+bzr1373+dfsg-0ubuntu1.1
	12.04 LTS precise	Fixed 1.2+bzr1373+dfsg-0ubuntu1~12.04.4
	10.04 LTS lucid	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-2013-1
MAAS vulnerabilities
7 November 2013

Other references

https://www.cve.org/CVERecord?id=CVE-2013-1057