CVE-2012-3537

Currently unrated

Key Information:

Vendor: Dell
Status: Crowbar
Vendor: CVE Published:; 5 September 2012

Summary

The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to "insecure handling of tmp files" and predictable file names.

References

https://github.com/SUSE-Cloud/barclamp-deployer/commit/5e...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/78041

vdb-entryx_refsource_XF

http://www.openwall.com/lists/oss-security/2012/08/27/7

mailing-listx_refsource_MLIST

Timeline

Vulnerability published
Sep 5, 2012
Vulnerability Reserved
Jun 14, 2012