CVE-2013-6876

Name: CVE-2013-6876
Creator: NVD / NIST
Published: 2018-04-06T17:29:00.19+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.59%

Last modified Jun 17, 2026

CVE-2013-6876 is a vulnerability of currently unknown severity. The (1) pty_init_terminal and (2) pipe_init_terminal functions in main.c in s3dvt 0.2.2 and earlier allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: this vulnerability was fixed with commit ad732f00b411b092c66a04c359da0f16ec3b387, but the version number was not changed.. EPSS estimates a 0.59% chance of exploitation in the next 30 days.

Description

The (1) pty_init_terminal and (2) pipe_init_terminal functions in main.c in s3dvt 0.2.2 and earlier allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier. NOTE: this vulnerability was fixed with commit ad732f00b411b092c66a04c359da0f16ec3b387, but the version number was not changed.

Metrics

EPSS Probability

0.59%

43.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-264

Affected Software

Vendor	Product	Versions
S3dvt Project	S3dvt	<= 0.2.2

References

http://hmarco.org/bugs/s3dvt_0.2.2-root-shell.htmlThird Party Advisory
http://packetstormsecurity.com/files/126887/s3dvt-Privilege-Escalation.htmlThird Party Advisory, VDB Entry
http://seclists.org/fulldisclosure/2014/Jun/10Mailing List, Third Party Advisory
http://www.openwall.com/lists/oss-security/2014/06/03/11Mailing List, Third Party Advisory
http://www.securityfocus.com/archive/1/532258/100/0/threaded
http://www.securityfocus.com/archive/1/532276/100/0/threaded
http://www.securityfocus.com/bid/67789Third Party Advisory, VDB Entry
http://hmarco.org/bugs/s3dvt_0.2.2-root-shell.htmlThird Party Advisory
http://packetstormsecurity.com/files/126887/s3dvt-Privilege-Escalation.htmlThird Party Advisory, VDB Entry
http://seclists.org/fulldisclosure/2014/Jun/10Mailing List, Third Party Advisory
http://www.openwall.com/lists/oss-security/2014/06/03/11Mailing List, Third Party Advisory
http://www.securityfocus.com/archive/1/532258/100/0/threaded
http://www.securityfocus.com/archive/1/532276/100/0/threaded
http://www.securityfocus.com/bid/67789Third Party Advisory, VDB Entry

Timeline

Published: Apr 6, 2018
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2013-6876?

How severe is CVE-2013-6876?

Severity scoring for CVE-2013-6876 is pending analysis. The EPSS model estimates a 0.59% probability of exploitation in the next 30 days.

How do I fix CVE-2013-6876?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2013-6876?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST