CVE-2014-8119

Published: Dec 29, 2017Modified: May 13, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions.

Affected (6)

Products: Fedoraproject: Fedora · Redhat: Enterprise Linux · Netcf Project: Netcf

1 product

1 product

Enterprise Linux

1 product

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 20
Fedoraproject Fedora	Version 21
Fedoraproject Fedora	Version 22
Redhat Enterprise Linux	Version 6.0
Redhat Enterprise Linux	Version 7.0

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Netcf Project Netcf	Up to 0.2.6

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (14)

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156571.html

Source: secalert@redhat.com

Issue TrackingThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157508.html

Source: secalert@redhat.com

Issue TrackingThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157713.html

Source: secalert@redhat.com

Issue TrackingThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-2248.html

Source: secalert@redhat.com

Issue TrackingThird Party Advisory

http://www.securityfocus.com/bid/78046

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1172176

Source: secalert@redhat.com

Issue TrackingThird Party Advisory

https://pagure.io/netcf/blob/050b05c880a6b343baf86780d94764b1aafece37/f/NEWS

Source: secalert@redhat.com

Issue TrackingRelease NotesThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156571.html

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157508.html

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157713.html

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-2248.html

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

http://www.securityfocus.com/bid/78046

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1172176

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

https://pagure.io/netcf/blob/050b05c880a6b343baf86780d94764b1aafece37/f/NEWS

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingRelease NotesThird Party Advisory

Timeline

No history available yet.