puppet: two privilege escalations

Package(s): puppet
CVE #(s): CVE-2012-1053, CVE-2012-1054
Created: February 23, 2012
Updated: July 4, 2012
Description:

From the Ubuntu advisory:

It was discovered that Puppet did not drop privileges when executing commands as different users. If an attacker had control of the execution manifests or the executed command, this could be used to execute code with elevated group permissions (typically root). (CVE-2012-1053)

It was discovered that Puppet unsafely opened files when the k5login type is used to manage files. A local attacker could exploit this to overwrite arbitrary files and escalate privileges. (CVE-2012-1054)

Alerts:
Ubuntu USN-1372-1 2012-02-23
Debian DSA-2419-1 2012-02-27
Gentoo 201203-03 2012-03-05
SUSE SUSE-SU-2012:0325-1 2012-03-06
Fedora FEDORA-2012-2415 2012-03-10
Fedora FEDORA-2012-2367 2012-03-10
openSUSE openSUSE-SU-2012:0835-1 2012-07-04
