CVE-2012-6348 - OpenCVE

Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, or (2) overwrite arbitrary files and consequently gain privileges via a symlink attack on the centrify.cmd.0 temporary file.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:M/Au:N/C:N/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Centrify	Centrify Deployment Manager Centrify Suite

Configuration 1 [-]

OR	cpe:2.3:a:centrify:centrify_deployment_manager:2.1.0.283:::::::*
	cpe:2.3:a:centrify:centrify_suite::::::::

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2012-12/0036.html
http://archives.neohapsis.com/archives/bugtraq/2012-12/0037.html
http://archives.neohapsis.com/archives/bugtraq/2012-12/0071.html
http://archives.neohapsis.com/archives/bugtraq/2012-12/0097.html
http://archives.neohapsis.com/archives/bugtraq/2012-12/0113.html
http://vapid.dhs.org/advisories/centrify_deployment_manager_insecure_tmp2.html
http://vapid.dhs.org/exploits/centrify_local_r00t.c

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:15:29

Updated: 2022-10-03T16:15:29

Reserved: 2022-10-03T00:00:00

Link: CVE-2012-6348

JSON object: View

NVD Information

Status : Analyzed

Published: 2013-01-04T21:55:01.883

Modified: 2013-01-08T05:00:00.000

Link: CVE-2012-6348

JSON object: View

Redhat Information

No data.

CWE

CWE-59

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, or (2) overwrite arbitrary files and consequently gain privileges via a symlink attack on the centrify.cmd.0 temporary file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-10-03T16:15:29", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20121218 Local root exploit for Centrify Deployment Manager < v2.1.0.283 local root", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0113.html"}, {"name": "20121213 Re: Centrify Deployment Manager v2.1.0.283", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0097.html"}, {"name": "20121204 Centrify Deployment Manager v2.1.0.283", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0036.html"}, {"name": "20121207 Centrify Deployment Manager v2.1.0.283 local root", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0071.html"}, {"tags": ["x_refsource_MISC"], "url": "http://vapid.dhs.org/exploits/centrify_local_r00t.c"}, {"name": "20121204 Centrify Deployment Manager v2.1.0.283", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0037.html"}, {"tags": ["x_refsource_MISC"], "url": "http://vapid.dhs.org/advisories/centrify_deployment_manager_insecure_tmp2.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-6348", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, or (2) overwrite arbitrary files and consequently gain privileges via a symlink attack on the centrify.cmd.0 temporary file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20121218 Local root exploit for Centrify Deployment Manager < v2.1.0.283 local root", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0113.html"}, {"name": "20121213 Re: Centrify Deployment Manager v2.1.0.283", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0097.html"}, {"name": "20121204 Centrify Deployment Manager v2.1.0.283", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0036.html"}, {"name": "20121207 Centrify Deployment Manager v2.1.0.283 local root", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0071.html"}, {"name": "http://vapid.dhs.org/exploits/centrify_local_r00t.c", "refsource": "MISC", "url": "http://vapid.dhs.org/exploits/centrify_local_r00t.c"}, {"name": "20121204 Centrify Deployment Manager v2.1.0.283", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0037.html"}, {"name": "http://vapid.dhs.org/advisories/centrify_deployment_manager_insecure_tmp2.html", "refsource": "MISC", "url": "http://vapid.dhs.org/advisories/centrify_deployment_manager_insecure_tmp2.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-6348", "datePublished": "2022-10-03T16:15:29", "dateReserved": "2022-10-03T00:00:00", "dateUpdated": "2022-10-03T16:15:29", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:centrify:centrify_deployment_manager:2.1.0.283:*:*:*:*:*:*:*", "matchCriteriaId": "EBA350D1-C11D-4E2F-97A2-6EE8AD261478", "vulnerable": true}, {"criteria": "cpe:2.3:a:centrify:centrify_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "D94CE798-3856-4DA6-81BA-3BBA1A2CC0A8", "versionEndIncluding": "2012", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, or (2) overwrite arbitrary files and consequently gain privileges via a symlink attack on the centrify.cmd.0 temporary file."}, {"lang": "es", "value": "Centrify Deployment Manager v2.1.0.283, como las distribuidas en Centrify Suite anteriores a v2012.5, permite a usuarios locales (1) sobrescribir ficheros mediante un ataque de enlaces simb\u00f3licos sobre el fichero temporal adcheckDMoutput, o (2) sobrescribir ficheros y consecuentemente obtener privilegios a trav\u00e9s de un ataque de enlace simb\u00f3lico sobre el fichero temporal centrify.cmd.0."}], "id": "CVE-2012-6348", "lastModified": "2013-01-08T05:00:00.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-01-04T21:55:01.883", "references": [{"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0036.html"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0037.html"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0071.html"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0097.html"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0113.html"}, {"source": "cve@mitre.org", "url": "http://vapid.dhs.org/advisories/centrify_deployment_manager_insecure_tmp2.html"}, {"source": "cve@mitre.org", "url": "http://vapid.dhs.org/exploits/centrify_local_r00t.c"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Centrify had addressed this issue in an update released on Thursday, Dec 13. The Deployment Manager component is updated to 2.1.5 and it is available in the Suite 2012.5 release, which can be downloaded from: http://www.centrify.com/support/downloadcenter.asp.", "lastModified": "2013-02-08T00:00:00", "organization": "Centrify"}], "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}]}