CVE-2012-2945
First published: Tue Oct 29 2019(Updated: )
Hadoop 1.0.3 contains a symlink vulnerability as a result of storing pid files in the shared `/tmp` directory by default.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache Hadoop | =1.0.3 | |
| debian |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2012-2945?
CVE-2012-2945 refers to a symlink vulnerability found in Hadoop 1.0.3.
What is the severity of CVE-2012-2945?
The severity of CVE-2012-2945 is rated as high with a severity value of 7.5.
How does CVE-2012-2945 affect Hadoop 1.0.3?
CVE-2012-2945 affects Hadoop 1.0.3 by exploiting a symlink vulnerability caused by storing pid files in the shared /tmp directory by default.
How can I fix CVE-2012-2945 in Hadoop 1.0.3?
To fix CVE-2012-2945 in Hadoop 1.0.3, upgrade to version 1.0.4.
Is there any additional information about CVE-2012-2945?
For more information about CVE-2012-2945, you can refer to the following links: [NVD](https://nvd.nist.gov/vuln/detail/CVE-2012-2945), [Full Disclosure](https://seclists.org/fulldisclosure/2012/Jul/3), [Debian Security Tracker](https://security-tracker.debian.org/tracker/CVE-2012-2945).
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/github-advisory-latest
- alias/GHSA-v5c9-98f7-2h54
- alias/CVE-2012-2945
- collector/nvd-cve
- collector/nvd-index
- collector/security-tracker-debian
- package-manager/maven
- vendor/apache
- canonical/apache hadoop
- version/apache hadoop/1.0.3
- package-manager/debian