Описание
The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to "insecure handling of tmp files" and predictable file names.
The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to "insecure handling of tmp files" and predictable file names.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-3537
- https://github.com/dellcloudedge/barclamp-deployer/pull/57
- https://github.com/SUSE-Cloud/barclamp-deployer/commit/5ea8d4ddaa4cb1ce834d36889f0fe7ac0d617bc8
- https://github.com/SUSE-Cloud/barclamp-deployer/commit/b6454268a067fc77ff5de82057b5b53b3cc38b87
- https://bugzilla.novell.com/show_bug.cgi?id=774967
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78041
- http://osvdb.org/84955
- http://secunia.com/advisories/50442
- http://www.openwall.com/lists/oss-security/2012/08/27/5
- http://www.openwall.com/lists/oss-security/2012/08/27/7
- http://www.securityfocus.com/bid/55240
EPSS
CVE ID
Связанные уязвимости
The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to "insecure handling of tmp files" and predictable file names.
EPSS