TROYANOSYVIRUS
Retour aux CVEs

CVE-2012-3537

N/A

Description

The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to "insecure handling of tmp files" and predictable file names.

Details CVE

Score CVSS v3.1N/A
Publie9/5/2012
Derniere modification4/11/2025
Sourcenvd
Observations honeypot0

Produits affectes

dell:crowbar

Faiblesses (CWE)

CWE-264

References

http://osvdb.org/84955(secalert@redhat.com)
http://secunia.com/advisories/50442(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2012/08/27/5(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2012/08/27/7(secalert@redhat.com)
http://www.securityfocus.com/bid/55240(secalert@redhat.com)
https://bugzilla.novell.com/show_bug.cgi?id=774967(secalert@redhat.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/78041(secalert@redhat.com)
https://github.com/SUSE-Cloud/barclamp-deployer/commit/5ea8d4ddaa4cb1ce834d36889f0fe7ac0d617bc8(secalert@redhat.com)
https://github.com/SUSE-Cloud/barclamp-deployer/commit/b6454268a067fc77ff5de82057b5b53b3cc38b87(secalert@redhat.com)
https://github.com/dellcloudedge/barclamp-deployer/pull/57(secalert@redhat.com)
http://osvdb.org/84955(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/50442(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2012/08/27/5(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2012/08/27/7(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/55240(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.novell.com/show_bug.cgi?id=774967(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/78041(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/SUSE-Cloud/barclamp-deployer/commit/5ea8d4ddaa4cb1ce834d36889f0fe7ac0d617bc8(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/SUSE-Cloud/barclamp-deployer/commit/b6454268a067fc77ff5de82057b5b53b3cc38b87(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/dellcloudedge/barclamp-deployer/pull/57(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.