CVE-2012-3537
N/A
N/A
Summary
The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to "insecure handling of tmp files" and predictable file names.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/SUSE-Cloud/barclamp-deployer/commit/5ea8d4ddaa4cb1ce834d36889f0fe7ac0d617bc8
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78041
- http://www.openwall.com/lists/oss-security/2012/08/27/7
- https://github.com/dellcloudedge/barclamp-deployer/pull/57
- http://www.securityfocus.com/bid/55240
- https://bugzilla.novell.com/show_bug.cgi?id=774967
- http://secunia.com/advisories/50442
- https://github.com/SUSE-Cloud/barclamp-deployer/commit/b6454268a067fc77ff5de82057b5b53b3cc38b87
- http://osvdb.org/84955
- http://www.openwall.com/lists/oss-security/2012/08/27/5
References
- https://github.com/SUSE-Cloud/barclamp-deployer/commit/5ea8d4ddaa4cb1ce834d36889f0fe7ac0d617bc8
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78041
- http://www.openwall.com/lists/oss-security/2012/08/27/7
- https://github.com/dellcloudedge/barclamp-deployer/pull/57
- http://www.securityfocus.com/bid/55240
- https://bugzilla.novell.com/show_bug.cgi?id=774967
- http://secunia.com/advisories/50442
- https://github.com/SUSE-Cloud/barclamp-deployer/commit/b6454268a067fc77ff5de82057b5b53b3cc38b87
- http://osvdb.org/84955
- http://www.openwall.com/lists/oss-security/2012/08/27/5
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.