TROYANOSYVIRUS
Voltar para CVEs

CVE-2012-3537

N/A

Descricao

The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to "insecure handling of tmp files" and predictable file names.

Detalhes CVE

Pontuacao CVSS v3.1N/A
Publicado9/5/2012
Ultima modificacao4/11/2025
Fontenvd
Avistamentos honeypot0

Produtos afetados

dell:crowbar

Fraquezas (CWE)

CWE-264

Referencias

http://osvdb.org/84955(secalert@redhat.com)
http://secunia.com/advisories/50442(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2012/08/27/5(secalert@redhat.com)
http://www.openwall.com/lists/oss-security/2012/08/27/7(secalert@redhat.com)
http://www.securityfocus.com/bid/55240(secalert@redhat.com)
https://bugzilla.novell.com/show_bug.cgi?id=774967(secalert@redhat.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/78041(secalert@redhat.com)
https://github.com/SUSE-Cloud/barclamp-deployer/commit/5ea8d4ddaa4cb1ce834d36889f0fe7ac0d617bc8(secalert@redhat.com)
https://github.com/SUSE-Cloud/barclamp-deployer/commit/b6454268a067fc77ff5de82057b5b53b3cc38b87(secalert@redhat.com)
https://github.com/dellcloudedge/barclamp-deployer/pull/57(secalert@redhat.com)
http://osvdb.org/84955(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/50442(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2012/08/27/5(af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2012/08/27/7(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/55240(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.novell.com/show_bug.cgi?id=774967(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/78041(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/SUSE-Cloud/barclamp-deployer/commit/5ea8d4ddaa4cb1ce834d36889f0fe7ac0d617bc8(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/SUSE-Cloud/barclamp-deployer/commit/b6454268a067fc77ff5de82057b5b53b3cc38b87(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/dellcloudedge/barclamp-deployer/pull/57(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.