CVE-2012-3500 - OpenCVE

scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary (1) standard output or (2) standard error output file.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity High

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:L/AC:H/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Devscripts Devel Team	Devscripts
Fedora	Rpmdevtools

Configuration 1 [-]

AND

OR	cpe:2.3:a:devscripts_devel_team:devscripts::::::::
	cpe:2.3:a:devscripts_devel_team:devscripts:2.12.0:::::::*

cpe:2.3:a:fedora:rpmdevtools:*:*:*:*:*:*:*:*

References

Link	Resource
http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commit%3Bh=4d23a5e6c90f7a37b0972b30f5d31dce97a93eb0
http://git.fedorahosted.org/cgit/rpmdevtools.git/commit/?id=90b4400c2ab2e80cecfd8dfdf031536376ed2cdb	Patch
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086138.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086159.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087335.html
http://lists.opensuse.org/opensuse-updates/2012-11/msg00000.html
http://secunia.com/advisories/50600	Vendor Advisory
http://www.debian.org/security/2012/dsa-2549	Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2013:123
http://www.openwall.com/lists/oss-security/2012/08/31/7
http://www.securityfocus.com/bid/55358
http://www.ubuntu.com/usn/USN-1593-1
https://bugzilla.redhat.com/show_bug.cgi?id=848022
https://exchange.xforce.ibmcloud.com/vulnerabilities/78230
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0316

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2012-10-01T00:00:00

Updated: 2017-08-28T12:57:01

Reserved: 2012-06-14T00:00:00

Link: CVE-2012-3500

JSON object: View

NVD Information

Status : Modified

Published: 2012-10-01T00:55:01.460

Modified: 2023-02-13T04:34:23.080

Link: CVE-2012-3500

JSON object: View

Redhat Information

No data.

CWE

CWE-362

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-08-26T00:00:00", "descriptions": [{"lang": "en", "value": "scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary (1) standard output or (2) standard error output file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commit%3Bh=4d23a5e6c90f7a37b0972b30f5d31dce97a93eb0"}, {"name": "MDVSA-2013:123", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:123"}, {"name": "rpmdevtools-toctou-symlink(78230)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78230"}, {"name": "55358", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/55358"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0316"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848022"}, {"name": "FEDORA-2012-13208", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087335.html"}, {"name": "DSA-2549", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2012/dsa-2549"}, {"name": "FEDORA-2012-13263", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086159.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.fedorahosted.org/cgit/rpmdevtools.git/commit/?id=90b4400c2ab2e80cecfd8dfdf031536376ed2cdb"}, {"name": "50600", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/50600"}, {"name": "FEDORA-2012-13234", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086138.html"}, {"name": "USN-1593-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1593-1"}, {"name": "[oss-security] 20120831 [Notification] CVE-2012-3500 - rpmdevtools, devscripts: TOCTOU race condition in annotate-output", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/08/31/7"}, {"name": "openSUSE-SU-2012:1437", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00000.html"}]}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-3500", "datePublished": "2012-10-01T00:00:00", "dateReserved": "2012-06-14T00:00:00", "dateUpdated": "2017-08-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:devscripts_devel_team:devscripts:*:*:*:*:*:*:*:*", "matchCriteriaId": "E6512264-3679-4AEE-B3A7-A8F79C3C732A", "versionEndIncluding": "2.12.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:devscripts_devel_team:devscripts:2.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF1044AF-D62E-4A7D-862D-C9E11F97809F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:fedora:rpmdevtools:*:*:*:*:*:*:*:*", "matchCriteriaId": "F3B32B64-ADA2-4802-951C-B052784B80BE", "versionEndIncluding": "8.2-1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary (1) standard output or (2) standard error output file."}, {"lang": "es", "value": "scripts/annotate-output.sh en devscripts anteriores a v2.12.2, como el usado en rpmdevtools anteriores a v8.3, permite a usuarios locales modificar ficheros a trav\u00e9s de un ataque de enlaces simb\u00f3licos sobre los ficheros temporales de (1) salida est\u00e1ndar o (2) salida est\u00e1ndar de error."}], "id": "CVE-2012-3500", "lastModified": "2023-02-13T04:34:23.080", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-10-01T00:55:01.460", "references": [{"source": "secalert@redhat.com", "url": "http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git%3Ba=commit%3Bh=4d23a5e6c90f7a37b0972b30f5d31dce97a93eb0"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://git.fedorahosted.org/cgit/rpmdevtools.git/commit/?id=90b4400c2ab2e80cecfd8dfdf031536376ed2cdb"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086138.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086159.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087335.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00000.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/50600"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.debian.org/security/2012/dsa-2549"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:123"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/08/31/7"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/55358"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1593-1"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848022"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78230"}, {"source": "secalert@redhat.com", "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0316"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}