[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request: crowbar ohai plugin: local privilege (root) escalation due to insecu
From: Kurt Seifried <kseifried () redhat ! com>
Date: 2012-08-27 17:34:41
Message-ID: 503BAFB1.8060402 () redhat ! com
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 08/27/2012 09:31 AM, Thomas Biege wrote:
>
> Hi, insecure handling of tmp files can lead to executing arbitrary
> shell commands as root:
>
> https://github.com/SUSE-Cloud/barclamp-deployer/commit/b6454268a067fc77ff5de82057b5b53b3cc38b87
>
>
>
> Thanks, Thomas
Please use CVE-2012-3537 for this issue.
- --
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
iQIcBAEBAgAGBQJQO6+xAAoJEBYNRVNeJnmTNXIQAMDkKHGS3fnHwSy1kbJ360R6
SAPvLzLy6pKPn7MjucJjBlLp1D6ZXUDnh7tSoenC6lPi8ROV1m8+hzi1z1TJyukw
70gebhFsgL1p2XXkOMIhGeRDvZmeyGKetkAJuotJnhpz5y95RMVk0NDbE5PoH2Ke
BK1bKsSyrC94uViC0IpShuv4cfWjZ30C8O4LPZdT4yDHnHAd1AXMewV1vK8q5Xus
2js77SXidWKTgcVA/x2NRm0tJbaU5gQb/8hlpzk/8wivA2lKL7QJPPeUtKDun4Vv
XVN7G0JZuaxmLEDi07akPAX6+wL0W5yxD0ucQicPci0J3Kz9A5lzVnt3v+IB3Bkv
q/M9VPfNxHXFl165vTIqI0jJepwEsHiBAFiElimXWmsxTULXsFQcQtRnBFKTgiEU
kPoTxEGfm/IqOnR7RMSqE2WSGE2J0D2aZnj+thr5pWvc60t7G5I0ODOM+nYUlj1q
91JbDA73tRUO9EPoN3T6b8HP4btH0GJs4KRDFU6Z4jQpIQyujg/Zn60iCVDAZd43
lFhE42JVPuXg+ebifEe4P0iJBELXH2pEF7ZVXkQG1KM/sSHpUyQ9CDtGXKu3QyW3
mpQAPT7J/GxnqU7UuTkaSORlg21SWXcBCjC5LHb2ze4LgE+5uLFcpHcWw9cTx7pZ
555709TUMstu9IZq/3gJ
=g4XD
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic