CVE-2012-1053
Summary
| CVE | CVE-2012-1053 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2012-05-29 20:55:00 UTC |
| Updated | 2019-07-11 15:09:00 UTC |
| Description | The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors related to (1) the change_user not dropping supplementary groups in certain conditions, (2) changes to the eguid without associated changes to the egid, or (3) the addition of the real gid to supplementary groups. |
Risk And Classification
Problem Types: CWE-264
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Puppet | Puppet | 2.6.0 | All | All | All |
| Application | Puppet | Puppet | 2.6.1 | All | All | All |
| Application | Puppet | Puppet | 2.6.10 | All | All | All |
| Application | Puppet | Puppet | 2.6.11 | All | All | All |
| Application | Puppet | Puppet | 2.6.12 | All | All | All |
| Application | Puppet | Puppet | 2.6.13 | All | All | All |
| Application | Puppet | Puppet | 2.6.2 | All | All | All |
| Application | Puppet | Puppet | 2.6.3 | All | All | All |
| Application | Puppet | Puppet | 2.6.4 | All | All | All |
| Application | Puppet | Puppet | 2.6.5 | All | All | All |
| Application | Puppet | Puppet | 2.6.6 | All | All | All |
| Application | Puppet | Puppet | 2.6.7 | All | All | All |
| Application | Puppet | Puppet | 2.6.8 | All | All | All |
| Application | Puppet | Puppet | 2.6.9 | All | All | All |
| Application | Puppet | Puppet | 2.7.10 | All | All | All |
| Application | Puppet | Puppet | 2.7.2 | All | All | All |
| Application | Puppet | Puppet | 2.7.3 | All | All | All |
| Application | Puppet | Puppet | 2.7.4 | All | All | All |
| Application | Puppet | Puppet | 2.7.5 | All | All | All |
| Application | Puppet | Puppet | 2.7.6 | All | All | All |
| Application | Puppet | Puppet | 2.7.7 | All | All | All |
| Application | Puppet | Puppet | 2.7.8 | All | All | All |
| Application | Puppet | Puppet | 2.7.9 | All | All | All |
| Application | Puppet | Puppet | 2.6.0 | All | All | All |
| Application | Puppet | Puppet | 2.6.1 | All | All | All |
| Application | Puppet | Puppet | 2.6.10 | All | All | All |
| Application | Puppet | Puppet | 2.6.11 | All | All | All |
| Application | Puppet | Puppet | 2.6.12 | All | All | All |
| Application | Puppet | Puppet | 2.6.13 | All | All | All |
| Application | Puppet | Puppet | 2.6.2 | All | All | All |
| Application | Puppet | Puppet | 2.6.3 | All | All | All |
| Application | Puppet | Puppet | 2.6.4 | All | All | All |
| Application | Puppet | Puppet | 2.6.5 | All | All | All |
| Application | Puppet | Puppet | 2.6.6 | All | All | All |
| Application | Puppet | Puppet | 2.6.7 | All | All | All |
| Application | Puppet | Puppet | 2.6.8 | All | All | All |
| Application | Puppet | Puppet | 2.6.9 | All | All | All |
| Application | Puppet | Puppet | 2.7.10 | All | All | All |
| Application | Puppet | Puppet | 2.7.2 | All | All | All |
| Application | Puppet | Puppet | 2.7.3 | All | All | All |
| Application | Puppet | Puppet | 2.7.4 | All | All | All |
| Application | Puppet | Puppet | 2.7.5 | All | All | All |
| Application | Puppet | Puppet | 2.7.6 | All | All | All |
| Application | Puppet | Puppet | 2.7.7 | All | All | All |
| Application | Puppet | Puppet | 2.7.8 | All | All | All |
| Application | Puppet | Puppet | 2.7.9 | All | All | All |
| Application | Puppet | Puppet Enterprise | 1.2.0 | All | All | All |
| Application | Puppet | Puppet Enterprise | 1.2.1 | All | All | All |
| Application | Puppet | Puppet Enterprise | 1.2.2 | All | All | All |
| Application | Puppet | Puppet Enterprise | 1.2.3 | All | All | All |
| Application | Puppet | Puppet Enterprise | 1.2.4 | All | All | All |
| Application | Puppet | Puppet Enterprise | 2.0.0 | All | All | All |
| Application | Puppet | Puppet Enterprise | 2.0.1 | All | All | All |
| Application | Puppet | Puppet Enterprise | 2.0.2 | All | All | All |
| Application | Puppet | Puppet Enterprise | 1.2.0 | All | All | All |
| Application | Puppet | Puppet Enterprise | 1.2.1 | All | All | All |
| Application | Puppet | Puppet Enterprise | 1.2.2 | All | All | All |
| Application | Puppet | Puppet Enterprise | 1.2.3 | All | All | All |
| Application | Puppet | Puppet Enterprise | 1.2.4 | All | All | All |
| Application | Puppet | Puppet Enterprise | 2.0.0 | All | All | All |
| Application | Puppet | Puppet Enterprise | 2.0.1 | All | All | All |
| Application | Puppet | Puppet Enterprise | 2.0.2 | All | All | All |
| Application | Puppetlabs | Puppet | 2.7.0 | All | All | All |
| Application | Puppetlabs | Puppet | 2.7.1 | All | All | All |
| Application | Puppetlabs | Puppet | 2.7.0 | All | All | All |
| Application | Puppetlabs | Puppet | 2.7.1 | All | All | All |
| Application | Puppetlabs | Puppet Enterprise Users | 1.0 | All | All | All |
| Application | Puppetlabs | Puppet Enterprise Users | 1.1 | All | All | All |
| Application | Puppetlabs | Puppet Enterprise Users | 1.0 | All | All | All |
| Application | Puppetlabs | Puppet Enterprise Users | 1.1 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CVE-2012-1053 | Puppet Labs | CONFIRM | puppetlabs.com | Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| USN-1372-1: Puppet vulnerabilities | Ubuntu | UBUNTU | ubuntu.com | |
| Security Advisory SA48290 - SUSE update for puppet - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| Bug #12457: Real gid always present in supplementary groups - Puppet - Puppet Labs | MISC | projects.puppetlabs.com | |
| [security-announce] SUSE-SU-2012:0325-1: important: Security update for | SUSE | lists.opensuse.org | |
| 79495 | OSVDB | www.osvdb.org | |
| Release Notes - Puppet - Puppet Labs | CONFIRM | projects.puppetlabs.com | |
| Bug #12458: Only euid changed, not egid - Puppet - Puppet Labs | MISC | projects.puppetlabs.com | |
| Security Advisory SA48166 - Puppet Group Privileges Security Issue and K5login Privilege Escalation Vulnerability - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| Debian -- Security Information -- DSA-2419-1 puppet | DEBIAN | www.debian.org | |
| Security Advisory SA48161 - Ubuntu update for puppet - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| openSUSE-SU-2012:0835 | SUSE | hermes.opensuse.org | |
| Bug #12459: Permanent uid change doesn't drop supplementary groups - Puppet - Puppet Labs | MISC | projects.puppetlabs.com | |
| Puppet Multiple Local Privilege Escalation Vulnerabilities | BID | www.securityfocus.com | |
| Security Advisory SA48157 - Debian update for puppet - Secunia | SECUNIA | secunia.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.