Fluid Attacks Database

Description

Ansible uses a socket with predictable filename in /tmp runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp/.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
pypi	ansible	>=0 <1.2.3	1.2.3
debian 14	ansible	>=0 <1.3.4+dfsg-1	1.3.4+dfsg-1
debian 11	ansible	>=0 <1.3.4+dfsg-1	1.3.4+dfsg-1
debian 12	ansible	>=0 <1.3.4+dfsg-1	1.3.4+dfsg-1
debian 13	ansible	>=0 <1.3.4+dfsg-1	1.3.4+dfsg-1

Aliases

1. CVE-2013-42592. NVD-2013-42593. OSV-2013-42594. OSV-DEBIAN-2013-42595. GCVE-2013-42596. SECURITY-TRACKER-CVE-2013-4259

References

1. https://bugzilla.redhat.com/show_bug.cgi?id=9982232. https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2013-1.yaml3. https://groups.google.com/forum/#!topic/ansible-project/UVDYW0HGcNg4. https://groups.google.com/forum/#%21topic/ansible-project/UVDYW0HGcNg5. http://www.ansible.com/security

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.