The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to "insecure handling of tmp files" and predictable file names.
References
Configurations
Information
Published : 2012-09-05 16:55
Updated : 2017-08-28 18:31
NVD link : CVE-2012-3537
Mitre link : CVE-2012-3537
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
dell
- crowbar