CVE-2012-0434

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-0434 at MITRE

Description

The server in Crowbar, as used in SUSE Cloud 1.0, uses weak permissions for the production.log file, which has unspecified impact and attack vectors.

NVD CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

SUSE information

SUSE Bugzilla entry: 784857

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) Fixed package version(s) References
SUSE Cloud 1.0
  • crowbar >= 1.2+git.1352980051.583e159-0.5.3
  • crowbar-barclamp-crowbar >= 1.2+git.1352636706.f1e4834-0.5.13
  • crowbar-barclamp-database >= 1.2+git.1349690639.d8910c3-0.5.13
  • crowbar-barclamp-dns >= 1.2+git.1352726499.fd6eca8-0.5.13
  • crowbar-barclamp-nova >= 1.2+git.1352206743.6cc2eeb-0.5.13
  • crowbar-barclamp-provisioner >= 1.2+git.1355744933.0c1d40d-0.5.13
Builds
SAT Patch Nr: 7210