Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3, when managing a user login file with the k5login resource type, allows local users to gain privileges via a symlink attack on .k5login.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2012-05-29T20:00:00
Updated: 2024-08-06T18:45:27.072Z
Reserved: 2012-02-13T00:00:00
Link: CVE-2012-1054
Vulnrichment
No data.
NVD
Status : Modified
Published: 2012-05-29T20:55:07.133
Modified: 2024-11-21T01:36:18.460
Link: CVE-2012-1054
Redhat