CVE-2012-1053 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2012-1053 Interim 1 13 2023-12-08T02:54:18Z current 2021-05-30T13:02:20Z 2023-12-08T02:54:18Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2012-1053 The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors related to (1) the change_user not dropping supplementary groups in certain conditions, (2) changes to the eguid without associated changes to the egid, or (3) the addition of the real gid to supplementary groups. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2012-March/000048.html E-Mail link for SUSE-SU-2012:0325-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 11 SP1-TERADATA puppet-2.6.12-0.12.1 puppet-server-2.6.12-0.12.1 pwdutils-3.2.8-0.2.35 puppet-2.6.12-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA puppet-server-2.6.12-0.12.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA pwdutils-3.2.8-0.2.35 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors related to (1) the change_user not dropping supplementary groups in certain conditions, (2) changes to the eguid without associated changes to the egid, or (3) the addition of the real gid to supplementary groups. CVE-2012-1053 SUSE Linux Enterprise Server 11 SP1-TERADATA:puppet-2.6.12-0.12.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:puppet-server-2.6.12-0.12.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:pwdutils-3.2.8-0.2.35 moderate 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C