What is the severity of CVE-2010-4512?

CVE-2010-4512 has a medium severity rating as it allows local users to exploit unwanted permissions.

How do I fix CVE-2010-4512?

To fix CVE-2010-4512, update Cobbler to version 2.0.4 or later, which addresses the incorrect umask configuration.

Which versions of Cobbler are affected by CVE-2010-4512?

CVE-2010-4512 affects Cobbler versions prior to 2.0.4, including 1.0.2, 1.6.1, and several others.

What impact does CVE-2010-4512 have on file permissions?

CVE-2010-4512 allows unintended world writable permissions, potentially exposing sensitive files to unauthorized access by local users.

Is CVE-2010-4512 a remote access vulnerability?

No, CVE-2010-4512 is a local vulnerability that requires local user access to exploit the issue.

Vulnerability/
CVE-2010-4512

high

7.2

CWE

264

9/12/2010

18/12/2010

CVE-2010-4512

First published: Thu Dec 09 2010(Updated: )

Cobbler before 2.0.4 uses an incorrect umask value, which allows local users to have an unspecified impact by leveraging world writable permissions for files and directories.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Michael Dehaan Cobbler	=1.0.2
Michael Dehaan Cobbler	=1.6.1
Michael Dehaan Cobbler	=1.2.0
Michael Dehaan Cobbler	=1.6.8
Michael Dehaan Cobbler	=1.2.8
Michael Dehaan Cobbler	=1.6.6-1
Michael Dehaan Cobbler	=2.0.0
Michael Dehaan Cobbler	=0.2.3
Michael Dehaan Cobbler	=1.2.2
Michael Dehaan Cobbler	=0.2.7
Michael Dehaan Cobbler	=0.3.5
Michael Dehaan Cobbler	=2.0.1-1
Michael Dehaan Cobbler	=0.3.0
Michael Dehaan Cobbler	=1.4.3-4
Michael Dehaan Cobbler	=1.2.6
Michael Dehaan Cobbler	=0.4.0
Michael Dehaan Cobbler	=1.2.3
Michael Dehaan Cobbler	=0.4.3
Michael Dehaan Cobbler	=0.8.1
Michael Dehaan Cobbler	=1.3.3
Michael Dehaan Cobbler	=1.6.3
Michael Dehaan Cobbler	=1.6.8-1
Michael Dehaan Cobbler	=0.2.5
Michael Dehaan Cobbler	=0.8.3
Michael Dehaan Cobbler	=1.0.2-1
Michael Dehaan Cobbler	=1.4.3
Michael Dehaan Cobbler	=1.6.2
Michael Dehaan Cobbler	=2.0.3
Michael Dehaan Cobbler	=0.3.7
Michael Dehaan Cobbler	=1.2.9-1
Michael Dehaan Cobbler	=1.3.3-1
Michael Dehaan Cobbler	=0.6.4
Michael Dehaan Cobbler	=1.6.5
Michael Dehaan Cobbler	=1.6.4-1
Michael Dehaan Cobbler	=0.4.6
Michael Dehaan Cobbler	=0.2.1
Michael Dehaan Cobbler	=0.4.7
Michael Dehaan Cobbler	=1.4.1
Michael Dehaan Cobbler	=0.6.5
Michael Dehaan Cobbler	=2.0.0-1
Michael Dehaan Cobbler	=0.6.1
Michael Dehaan Cobbler	=1.6.1-1
Michael Dehaan Cobbler	=1.2.5
Michael Dehaan Cobbler	=0.1.1.7
Michael Dehaan Cobbler	=1.6.6
Michael Dehaan Cobbler	=1.3.4
Michael Dehaan Cobbler	=1.2.9
Michael Dehaan Cobbler	=1.4.2
Michael Dehaan Cobbler	=0.3.9
Michael Dehaan Cobbler	<=2.0.3.1-2
Michael Dehaan Cobbler	=1.3.1
Michael Dehaan Cobbler	=1.2.8-1
Michael Dehaan Cobbler	=1.3.1-1
Michael Dehaan Cobbler	=2.0.1
Michael Dehaan Cobbler	=0.4.2
Michael Dehaan Cobbler	=1.4.1-1
Michael Dehaan Cobbler	=1.6.3-1
Michael Dehaan Cobbler	=1.3.4-1
Michael Dehaan Cobbler	=1.0.3-1
Michael Dehaan Cobbler	=1.0.0
Michael Dehaan Cobbler	=1.4.2-1
Michael Dehaan Cobbler	=0.5.0
Michael Dehaan Cobbler	=0.6.0
Michael Dehaan Cobbler	=0.3.4
Michael Dehaan Cobbler	=0.2.8
Michael Dehaan Cobbler	=1.2.7
Michael Dehaan Cobbler	=1.4.0
Michael Dehaan Cobbler	=0.2.2
Michael Dehaan Cobbler	=1.6.4
Michael Dehaan Cobbler	=0.4.8
Michael Dehaan Cobbler	=0.6.3
Michael Dehaan Cobbler	=1.4.0-2
Michael Dehaan Cobbler	=1.6.2-1
Michael Dehaan Cobbler	=0.3.1
Michael Dehaan Cobbler	=0.2.9
Michael Dehaan Cobbler	=0.3.3
Michael Dehaan Cobbler	=0.4.5
Michael Dehaan Cobbler	=2.0.3.1
Michael Dehaan Cobbler	=0.3.6
Michael Dehaan Cobbler	=1.6.5-1

Remedy

http://people.fedoraproject.org/~shenson/cobbler/cobbler-2.0.8.tar.gz

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-4512?
CVE-2010-4512 has a medium severity rating as it allows local users to exploit unwanted permissions.
How do I fix CVE-2010-4512?
To fix CVE-2010-4512, update Cobbler to version 2.0.4 or later, which addresses the incorrect umask configuration.
Which versions of Cobbler are affected by CVE-2010-4512?
CVE-2010-4512 affects Cobbler versions prior to 2.0.4, including 1.0.2, 1.6.1, and several others.
What impact does CVE-2010-4512 have on file permissions?
CVE-2010-4512 allows unintended world writable permissions, potentially exposing sensitive files to unauthorized access by local users.
Is CVE-2010-4512 a remote access vulnerability?
No, CVE-2010-4512 is a local vulnerability that requires local user access to exploit the issue.

agent/weakness
agent/references
agent/author
agent/severity
agent/type
agent/description
agent/event
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
agent/remedy
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/michael dehaan
canonical/michael dehaan cobbler
version/michael dehaan cobbler/2.0.3.1-2
version/michael dehaan cobbler/0.1.1.7
version/michael dehaan cobbler/0.2.1
version/michael dehaan cobbler/0.2.2
version/michael dehaan cobbler/0.2.3
version/michael dehaan cobbler/0.2.5
version/michael dehaan cobbler/0.2.7
version/michael dehaan cobbler/0.2.8
version/michael dehaan cobbler/0.2.9
version/michael dehaan cobbler/0.3.0
version/michael dehaan cobbler/0.3.1
version/michael dehaan cobbler/0.3.3
version/michael dehaan cobbler/0.3.4
version/michael dehaan cobbler/0.3.5
version/michael dehaan cobbler/0.3.6
version/michael dehaan cobbler/0.3.7
version/michael dehaan cobbler/0.3.9
version/michael dehaan cobbler/0.4.0
version/michael dehaan cobbler/0.4.2
version/michael dehaan cobbler/0.4.3
version/michael dehaan cobbler/0.4.5
version/michael dehaan cobbler/0.4.6
version/michael dehaan cobbler/0.4.7
version/michael dehaan cobbler/0.4.8
version/michael dehaan cobbler/0.5.0
version/michael dehaan cobbler/0.6.0
version/michael dehaan cobbler/0.6.1
version/michael dehaan cobbler/0.6.3
version/michael dehaan cobbler/0.6.4
version/michael dehaan cobbler/0.6.5
version/michael dehaan cobbler/0.8.1
version/michael dehaan cobbler/0.8.3
version/michael dehaan cobbler/1.0.0
version/michael dehaan cobbler/1.0.2
version/michael dehaan cobbler/1.0.2-1
version/michael dehaan cobbler/1.0.3-1
version/michael dehaan cobbler/1.2.0
version/michael dehaan cobbler/1.2.2
version/michael dehaan cobbler/1.2.3
version/michael dehaan cobbler/1.2.5
version/michael dehaan cobbler/1.2.6
version/michael dehaan cobbler/1.2.7
version/michael dehaan cobbler/1.2.8
version/michael dehaan cobbler/1.2.8-1
version/michael dehaan cobbler/1.2.9
version/michael dehaan cobbler/1.2.9-1
version/michael dehaan cobbler/1.3.1
version/michael dehaan cobbler/1.3.1-1
version/michael dehaan cobbler/1.3.3
version/michael dehaan cobbler/1.3.3-1
version/michael dehaan cobbler/1.3.4
version/michael dehaan cobbler/1.3.4-1
version/michael dehaan cobbler/1.4.0
version/michael dehaan cobbler/1.4.0-2
version/michael dehaan cobbler/1.4.1
version/michael dehaan cobbler/1.4.1-1
version/michael dehaan cobbler/1.4.2
version/michael dehaan cobbler/1.4.2-1
version/michael dehaan cobbler/1.4.3
version/michael dehaan cobbler/1.4.3-4
version/michael dehaan cobbler/1.6.1
version/michael dehaan cobbler/1.6.1-1
version/michael dehaan cobbler/1.6.2
version/michael dehaan cobbler/1.6.2-1
version/michael dehaan cobbler/1.6.3
version/michael dehaan cobbler/1.6.3-1
version/michael dehaan cobbler/1.6.4
version/michael dehaan cobbler/1.6.4-1
version/michael dehaan cobbler/1.6.5
version/michael dehaan cobbler/1.6.5-1
version/michael dehaan cobbler/1.6.6
version/michael dehaan cobbler/1.6.6-1
version/michael dehaan cobbler/1.6.8
version/michael dehaan cobbler/1.6.8-1
version/michael dehaan cobbler/2.0.0
version/michael dehaan cobbler/2.0.0-1
version/michael dehaan cobbler/2.0.1
version/michael dehaan cobbler/2.0.1-1
version/michael dehaan cobbler/2.0.3
version/michael dehaan cobbler/2.0.3.1

CVE-2010-4512

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-4512?

How do I fix CVE-2010-4512?

Which versions of Cobbler are affected by CVE-2010-4512?

What impact does CVE-2010-4512 have on file permissions?

Is CVE-2010-4512 a remote access vulnerability?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2010-4512?

How do I fix CVE-2010-4512?

Which versions of Cobbler are affected by CVE-2010-4512?

What impact does CVE-2010-4512 have on file permissions?

Is CVE-2010-4512 a remote access vulnerability?