CVE-2012-1053

Puppet <2.6.14-2.7.11 & PE - Privilege Escalation

Title source: llm

Description

The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors related to (1) the change_user not dropping supplementary groups in certain conditions, (2) changes to the eguid without associated changes to the egid, or (3) the addition of the real gid to supplementary groups.

References (16)

Core 16

Core References

Various Sources vendor-advisory x_refsource_ubuntu

http://ubuntu.com/usn/usn-1372-1

Various Sources vendor-advisory x_refsource_suse

https://hermes.opensuse.org/messages/15087408

Issue Tracking x_refsource_misc

http://projects.puppetlabs.com/issues/12458

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/48157

Third Party Advisory x_refsource_confirm

http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.14

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/48166

Vendor Advisory x_refsource_confirm

http://puppetlabs.com/security/cve/cve-2012-1053/

Issue Tracking x_refsource_misc

http://projects.puppetlabs.com/issues/12459

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/48290

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/79495

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/48161

Issue Tracking x_refsource_misc

http://projects.puppetlabs.com/issues/12457

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00003.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/73445

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/52158

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2012/dsa-2419

Scores

EPSS 0.0004

EPSS Percentile 13.5%

Details

CWE

CWE-264

Status published

Products (36)

puppet/puppet 2.6.0

puppet/puppet 2.6.1

puppet/puppet 2.6.2

puppet/puppet 2.6.3

puppet/puppet 2.6.4

puppet/puppet 2.6.5

puppet/puppet 2.6.6

puppet/puppet 2.6.7

puppet/puppet 2.6.8

puppet/puppet 2.6.9

... and 26 more

Published May 29, 2012

Tracked Since Feb 18, 2026