Lucene search

K

MitreCVELIST:CVE-2012-1054

HistoryMay 29, 2012 - 8:00 p.m.

CVE-2012-1054

2012-05-2920:00:00

mitre

www.cve.org

3

AI Score

6.1

Confidence

Low

EPSS

0

Percentile

10.1%

Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3, when managing a user login file with the k5login resource type, allows local users to gain privileges via a symlink attack on .k5login.

References

lists.opensuse.org/opensuse-security-announce/2012-03/msg00003.html

projects.puppetlabs.com/issues/12460

projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.14

puppetlabs.com/security/cve/cve-2012-1054/

secunia.com/advisories/48157

secunia.com/advisories/48161

secunia.com/advisories/48166

secunia.com/advisories/48290

ubuntu.com/usn/usn-1372-1

www.debian.org/security/2012/dsa-2419

www.osvdb.org/79496

www.securityfocus.com/bid/52158

exchange.xforce.ibmcloud.com/vulnerabilities/73446

hermes.opensuse.org/messages/15087408

AI Score

6.1

Confidence

Low

EPSS

0

Percentile

10.1%

Related for CVELIST:CVE-2012-1054

ubuntucve1 debiancve1 prion1 cve1 nvd1 openvas20 nessus9 osv1 ubuntu1 debian2 fedora6 securityvulns2 amazon1 suse1 gentoo1