Lucene search

K

[email protected]NVD:CVE-2012-1053

HistoryMay 29, 2012 - 8:55 p.m.

CVE-2012-1053

2012-05-2920:55:07

CWE-264

[email protected]

web.nvd.nist.gov

6

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.2

Confidence

Low

EPSS

0

Percentile

10.1%

The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors related to (1) the change_user not dropping supplementary groups in certain conditions, (2) changes to the eguid without associated changes to the egid, or (3) the addition of the real gid to supplementary groups.

Affected configurations

Nvd

Node

puppetpuppetMatch2.6.0

OR

puppetpuppetMatch2.6.1

OR

puppetpuppetMatch2.6.2

OR

puppetpuppetMatch2.6.3

OR

puppetpuppetMatch2.6.4

OR

puppetpuppetMatch2.6.5

OR

puppetpuppetMatch2.6.6

OR

puppetpuppetMatch2.6.7

OR

puppetpuppetMatch2.6.8

OR

puppetpuppetMatch2.6.9

OR

puppetpuppetMatch2.6.10

OR

puppetpuppetMatch2.6.11

OR

puppetpuppetMatch2.6.12

OR

puppetpuppetMatch2.6.13

Node

puppetpuppetMatch2.7.2

OR

puppetpuppetMatch2.7.3

OR

puppetpuppetMatch2.7.4

OR

puppetpuppetMatch2.7.5

OR

puppetpuppetMatch2.7.6

OR

puppetpuppetMatch2.7.7

OR

puppetpuppetMatch2.7.8

OR

puppetpuppetMatch2.7.9

OR

puppetpuppetMatch2.7.10

OR

puppetlabspuppetMatch2.7.0

OR

puppetlabspuppetMatch2.7.1

Node

puppetpuppet_enterpriseMatch1.2.0

OR

puppetpuppet_enterpriseMatch1.2.1

OR

puppetpuppet_enterpriseMatch1.2.2

OR

puppetpuppet_enterpriseMatch1.2.3

OR

puppetpuppet_enterpriseMatch1.2.4

OR

puppetpuppet_enterpriseMatch2.0.0

OR

puppetpuppet_enterpriseMatch2.0.1

OR

puppetpuppet_enterpriseMatch2.0.2

OR

puppetlabspuppet_enterprise_usersMatch1.0

OR

puppetlabspuppet_enterprise_usersMatch1.1

References

lists.opensuse.org/opensuse-security-announce/2012-03/msg00003.html

projects.puppetlabs.com/issues/12457

projects.puppetlabs.com/issues/12458

projects.puppetlabs.com/issues/12459

projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.14

puppetlabs.com/security/cve/cve-2012-1053/

secunia.com/advisories/48157

secunia.com/advisories/48161

secunia.com/advisories/48166

secunia.com/advisories/48290

ubuntu.com/usn/usn-1372-1

www.debian.org/security/2012/dsa-2419

www.osvdb.org/79495

www.securityfocus.com/bid/52158

exchange.xforce.ibmcloud.com/vulnerabilities/73445

hermes.opensuse.org/messages/15087408

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.2

Confidence

Low

EPSS

0

Percentile

10.1%

Related for NVD:CVE-2012-1053

debiancve1 ubuntucve1 osv2 cve1 github1 prion1 cvelist1 rubygems1 nessus9 fedora6 openvas20 ubuntu1 debian2 securityvulns2 amazon1 suse1 gentoo1