CVE-2012-1053

2012-02-2300:00:00

ubuntu.com

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

EPSS

Percentile

10.1%

JSON

The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb)
in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet
Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly
manage group privileges, which allows local users to gain privileges via
vectors related to (1) the change_user not dropping supplementary groups in
certain conditions, (2) changes to the eguid without associated changes to
the egid, or (3) the addition of the real gid to supplementary groups.

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchpuppet< 0.25.4-2ubuntu6.6UNKNOWN
ubuntu10.10noarchpuppet< 2.6.1-0ubuntu2.6UNKNOWN
ubuntu11.04noarchpuppet< 2.6.4-2ubuntu2.8UNKNOWN
ubuntu11.10noarchpuppet< 2.7.1-1ubuntu3.5UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	10.04	noarch	puppet	< 0.25.4-2ubuntu6.6	UNKNOWN
ubuntu	10.10	noarch	puppet	< 2.6.1-0ubuntu2.6	UNKNOWN
ubuntu	11.04	noarch	puppet	< 2.6.4-2ubuntu2.8	UNKNOWN
ubuntu	11.10	noarch	puppet	< 2.7.1-1ubuntu3.5	UNKNOWN