Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5477

Overview

Vulnerability Score 3.6 3.6
CVE Id CVE-2012-5477
Last Modified 08 May 2014 10:50:12
Published 08 May 2014 10:29:07
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2012-5477

Summary

The smart proxy in Foreman before 1.1 uses a umask set to 0, which allows local users to modify files created by the daemon via unspecified vectors.

Vulnerable Systems

Application

  • Theforeman Foreman 1.0


References

CONFIRM - http://theforeman.org/security.html

CONFIRM - http://projects.theforeman.org/issues/1929


Last Updated: 27 May 2016 10:53:57