Vulnerability Details : CVE-2012-6348
Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, or (2) overwrite arbitrary files and consequently gain privileges via a symlink attack on the centrify.cmd.0 temporary file.
Products affected by CVE-2012-6348
- cpe:2.3:a:centrify:centrify_deployment_manager:2.1.0.283:*:*:*:*:*:*:*
- cpe:2.3:a:centrify:centrify_suite:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-6348
- 0.04%: Probability of exploitation activity in the next 30 days
- ~ 6 %: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-6348
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.3 | LOW | AV:L/AC:M/Au:N/C:N/I:P/A:P | 3.4 | 4.9 | NIST | |
CWE ids for CVE-2012-6348
- The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource. Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2012-6348
- Centrify, 2013-02-08: Centrify had addressed this issue in an update released on Thursday, Dec 13. The Deployment Manager component is updated to 2.1.5 and it is available in the Suite 2012.5 release, which can be downloaded from: http://www.centrify.com/support/downloadcenter.asp.
References for CVE-2012-6348
- http://archives.neohapsis.com/archives/bugtraq/2012-12/0071.html
- http://archives.neohapsis.com/archives/bugtraq/2012-12/0113.html
- http://archives.neohapsis.com/archives/bugtraq/2012-12/0037.html
- http://archives.neohapsis.com/archives/bugtraq/2012-12/0036.html
- http://archives.neohapsis.com/archives/bugtraq/2012-12/0097.html
- http://vapid.dhs.org/advisories/centrify_deployment_manager_insecure_tmp2.html
- http://vapid.dhs.org/exploits/centrify_local_r00t.c