CVSS: 6.9EPSS: 0%CPEs: 35EXPL: 0CVE-2012-1053
https://notcve.org/view.php?id=CVE-2012-1053
The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors related to (1) the change_user not dropping supplementary groups in certain conditions, (2) changes to the eguid without associated changes to the egid, or (3) the addition of the real gid to supplementary groups. El método change_user en el SUIDManager SUIDManager (lib/puppet/util/suidmanager.rb) en Puppet v2.6.x anterior a v2.6.14 y v2.7.x anterior a v2.7.11, y Puppet Enterprise (PE) Users v1.0, v1.1, v1.2.x, v2.0.x anterior a 2.0.3 no gestiona adecuadamente los privilegios de grupo, lo que permite a usuarios locales conseguir privilegios a través de vectores relacionados con (1) change_user en ciertas condiciones, (2) cambios en el eguid sin cambios asociados a la egid, o (3) la adición de la gid real a grupos complementarios. • http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00003.html http://projects.puppetlabs.com/issues/12457 http://projects.puppetlabs.com/issues/12458 http://projects.puppetlabs.com/issues/12459 http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.14 http://puppetlabs.com/security/cve/cve-2012-1053 http://secunia.com/advisories/48157 http://secunia.com/advisories/48161 http://secunia.com/advisories/48166 http://secunia.com/advisories/48290 http://ubuntu. • CWE-264: Permissions, Privileges, and Access Controls •