CVE-2012-6348 - Vulnerability Details - OpenCVE

Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, or (2) overwrite arbitrary files and consequently gain privileges via a symlink attack on the centrify.cmd.0 temporary file.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Centrify	Centrify Deployment Manager Centrify Suite

Configuration 1 [-]

OR	cpe:2.3:a:centrify:centrify_deployment_manager:2.1.0.283:::::::*
	cpe:2.3:a:centrify:centrify_suite::::::::

No data.

References

Link	Providers
http://archives.neohapsis.com/archives/bugtraq/2012-12/0036.html
http://archives.neohapsis.com/archives/bugtraq/2012-12/0037.html
http://archives.neohapsis.com/archives/bugtraq/2012-12/0071.html
http://archives.neohapsis.com/archives/bugtraq/2012-12/0097.html
http://archives.neohapsis.com/archives/bugtraq/2012-12/0113.html
http://vapid.dhs.org/advisories/centrify_deployment_manager_insecure_tmp2.html
http://vapid.dhs.org/exploits/centrify_local_r00t.c

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2013-01-04T21:00:00Z

Updated: 2024-09-16T16:37:56.078Z

Reserved: 2012-12-13T00:00:00Z

Link: CVE-2012-6348

Vulnrichment

No data.

NVD

Status : Modified

Published: 2013-01-04T21:55:01.883

Modified: 2024-11-21T01:46:03.287

Link: CVE-2012-6348

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, or (2) overwrite arbitrary files and consequently gain privileges via a symlink attack on the centrify.cmd.0 temporary file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-01-04T21:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20121218 Local root exploit for Centrify Deployment Manager < v2.1.0.283 local root", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0113.html"}, {"name": "20121213 Re: Centrify Deployment Manager v2.1.0.283", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0097.html"}, {"name": "20121204 Centrify Deployment Manager v2.1.0.283", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0036.html"}, {"name": "20121207 Centrify Deployment Manager v2.1.0.283 local root", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0071.html"}, {"tags": ["x_refsource_MISC"], "url": "http://vapid.dhs.org/exploits/centrify_local_r00t.c"}, {"name": "20121204 Centrify Deployment Manager v2.1.0.283", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0037.html"}, {"tags": ["x_refsource_MISC"], "url": "http://vapid.dhs.org/advisories/centrify_deployment_manager_insecure_tmp2.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-6348", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, or (2) overwrite arbitrary files and consequently gain privileges via a symlink attack on the centrify.cmd.0 temporary file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20121218 Local root exploit for Centrify Deployment Manager < v2.1.0.283 local root", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0113.html"}, {"name": "20121213 Re: Centrify Deployment Manager v2.1.0.283", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0097.html"}, {"name": "20121204 Centrify Deployment Manager v2.1.0.283", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0036.html"}, {"name": "20121207 Centrify Deployment Manager v2.1.0.283 local root", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0071.html"}, {"name": "http://vapid.dhs.org/exploits/centrify_local_r00t.c", "refsource": "MISC", "url": "http://vapid.dhs.org/exploits/centrify_local_r00t.c"}, {"name": "20121204 Centrify Deployment Manager v2.1.0.283", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0037.html"}, {"name": "http://vapid.dhs.org/advisories/centrify_deployment_manager_insecure_tmp2.html", "refsource": "MISC", "url": "http://vapid.dhs.org/advisories/centrify_deployment_manager_insecure_tmp2.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T21:28:39.705Z"}, "title": "CVE Program Container", "references": [{"name": "20121218 Local root exploit for Centrify Deployment Manager < v2.1.0.283 local root", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0113.html"}, {"name": "20121213 Re: Centrify Deployment Manager v2.1.0.283", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0097.html"}, {"name": "20121204 Centrify Deployment Manager v2.1.0.283", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0036.html"}, {"name": "20121207 Centrify Deployment Manager v2.1.0.283 local root", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0071.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://vapid.dhs.org/exploits/centrify_local_r00t.c"}, {"name": "20121204 Centrify Deployment Manager v2.1.0.283", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0037.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://vapid.dhs.org/advisories/centrify_deployment_manager_insecure_tmp2.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-6348", "datePublished": "2013-01-04T21:00:00Z", "dateReserved": "2012-12-13T00:00:00Z", "dateUpdated": "2024-09-16T16:37:56.078Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:centrify:centrify_deployment_manager:2.1.0.283:*:*:*:*:*:*:*", "matchCriteriaId": "EBA350D1-C11D-4E2F-97A2-6EE8AD261478", "vulnerable": true}, {"criteria": "cpe:2.3:a:centrify:centrify_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "D94CE798-3856-4DA6-81BA-3BBA1A2CC0A8", "versionEndIncluding": "2012", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, or (2) overwrite arbitrary files and consequently gain privileges via a symlink attack on the centrify.cmd.0 temporary file."}, {"lang": "es", "value": "Centrify Deployment Manager v2.1.0.283, como las distribuidas en Centrify Suite anteriores a v2012.5, permite a usuarios locales (1) sobrescribir ficheros mediante un ataque de enlaces simb\u00f3licos sobre el fichero temporal adcheckDMoutput, o (2) sobrescribir ficheros y consecuentemente obtener privilegios a trav\u00e9s de un ataque de enlace simb\u00f3lico sobre el fichero temporal centrify.cmd.0."}], "id": "CVE-2012-6348", "lastModified": "2024-11-21T01:46:03.287", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-01-04T21:55:01.883", "references": [{"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0036.html"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0037.html"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0071.html"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0097.html"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0113.html"}, {"source": "cve@mitre.org", "url": "http://vapid.dhs.org/advisories/centrify_deployment_manager_insecure_tmp2.html"}, {"source": "cve@mitre.org", "url": "http://vapid.dhs.org/exploits/centrify_local_r00t.c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0036.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0037.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0071.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0097.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0113.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://vapid.dhs.org/advisories/centrify_deployment_manager_insecure_tmp2.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://vapid.dhs.org/exploits/centrify_local_r00t.c"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Centrify had addressed this issue in an update released on Thursday, Dec 13. The Deployment Manager component is updated to 2.1.5 and it is available in the Suite 2012.5 release, which can be downloaded from: http://www.centrify.com/support/downloadcenter.asp.", "lastModified": "2013-02-08T00:00:00", "organization": "Centrify"}], "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}]}