CVE-2010-4512

Cobbler before 2.0.4 uses an incorrect umask value, which allows local users to have an unspecified impact by leveraging world writable permissions for files and directories.

Published: Dec 9, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-4512
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
michael_dehaan / cobbler	1.0.2	1.0.2.x
michael_dehaan / cobbler	1.6.1	1.6.1.x
michael_dehaan / cobbler	1.2.0	1.2.0.x
michael_dehaan / cobbler	1.6.8	1.6.8.x
michael_dehaan / cobbler	1.2.8	1.2.8.x
michael_dehaan / cobbler	1.6.6-1	1.6.6-1.x
michael_dehaan / cobbler	2.0.0	2.0.0.x
michael_dehaan / cobbler	0.2.3	0.2.3.x
michael_dehaan / cobbler	1.2.2	1.2.2.x
michael_dehaan / cobbler	0.2.7	0.2.7.x
michael_dehaan / cobbler	0.3.5	0.3.5.x
michael_dehaan / cobbler	2.0.1-1	2.0.1-1.x
michael_dehaan / cobbler	0.3.0	0.3.0.x
michael_dehaan / cobbler	1.4.3-4	1.4.3-4.x
michael_dehaan / cobbler	1.2.6	1.2.6.x
michael_dehaan / cobbler	0.4.0	0.4.0.x
michael_dehaan / cobbler	1.2.3	1.2.3.x
michael_dehaan / cobbler	0.4.3	0.4.3.x
michael_dehaan / cobbler	0.8.1	0.8.1.x
michael_dehaan / cobbler	1.3.3	1.3.3.x
michael_dehaan / cobbler	1.6.3	1.6.3.x
michael_dehaan / cobbler	1.6.8-1	1.6.8-1.x
michael_dehaan / cobbler	0.2.5	0.2.5.x
michael_dehaan / cobbler	0.8.3	0.8.3.x
michael_dehaan / cobbler	1.0.2-1	1.0.2-1.x
michael_dehaan / cobbler	1.4.3	1.4.3.x
michael_dehaan / cobbler	1.6.2	1.6.2.x
michael_dehaan / cobbler	2.0.3	2.0.3.x
michael_dehaan / cobbler	0.3.7	0.3.7.x
michael_dehaan / cobbler	1.2.9-1	1.2.9-1.x
michael_dehaan / cobbler	1.3.3-1	1.3.3-1.x
michael_dehaan / cobbler	0.6.4	0.6.4.x
michael_dehaan / cobbler	1.6.5	1.6.5.x
michael_dehaan / cobbler	1.6.4-1	1.6.4-1.x
michael_dehaan / cobbler	0.4.6	0.4.6.x
michael_dehaan / cobbler	0.2.1	0.2.1.x
michael_dehaan / cobbler	0.4.7	0.4.7.x
michael_dehaan / cobbler	1.4.1	1.4.1.x
michael_dehaan / cobbler	0.6.5	0.6.5.x
michael_dehaan / cobbler	2.0.0-1	2.0.0-1.x
michael_dehaan / cobbler	0.6.1	0.6.1.x
michael_dehaan / cobbler	1.6.1-1	1.6.1-1.x
michael_dehaan / cobbler	1.2.5	1.2.5.x
michael_dehaan / cobbler	0.1.1.7	0.1.1.7.x
michael_dehaan / cobbler	1.6.6	1.6.6.x
michael_dehaan / cobbler	1.3.4	1.3.4.x
michael_dehaan / cobbler	1.2.9	1.2.9.x
michael_dehaan / cobbler	1.4.2	1.4.2.x
michael_dehaan / cobbler	0.3.9	0.3.9.x
michael_dehaan / cobbler	-	2.0.3.1-2.x
michael_dehaan / cobbler	1.3.1	1.3.1.x
michael_dehaan / cobbler	1.2.8-1	1.2.8-1.x
michael_dehaan / cobbler	1.3.1-1	1.3.1-1.x
michael_dehaan / cobbler	2.0.1	2.0.1.x
michael_dehaan / cobbler	0.4.2	0.4.2.x
michael_dehaan / cobbler	1.4.1-1	1.4.1-1.x
michael_dehaan / cobbler	1.6.3-1	1.6.3-1.x
michael_dehaan / cobbler	1.3.4-1	1.3.4-1.x
michael_dehaan / cobbler	1.0.3-1	1.0.3-1.x
michael_dehaan / cobbler	1.0.0	1.0.0.x
michael_dehaan / cobbler	1.4.2-1	1.4.2-1.x
michael_dehaan / cobbler	0.5.0	0.5.0.x
michael_dehaan / cobbler	0.6.0	0.6.0.x
michael_dehaan / cobbler	0.3.4	0.3.4.x
michael_dehaan / cobbler	0.2.8	0.2.8.x
michael_dehaan / cobbler	1.2.7	1.2.7.x
michael_dehaan / cobbler	1.4.0	1.4.0.x
michael_dehaan / cobbler	0.2.2	0.2.2.x
michael_dehaan / cobbler	1.6.4	1.6.4.x
michael_dehaan / cobbler	0.4.8	0.4.8.x
michael_dehaan / cobbler	0.6.3	0.6.3.x
michael_dehaan / cobbler	1.4.0-2	1.4.0-2.x
michael_dehaan / cobbler	1.6.2-1	1.6.2-1.x
michael_dehaan / cobbler	0.3.1	0.3.1.x
michael_dehaan / cobbler	0.2.9	0.2.9.x
michael_dehaan / cobbler	0.3.3	0.3.3.x
michael_dehaan / cobbler	0.4.5	0.4.5.x
michael_dehaan / cobbler	2.0.3.1	2.0.3.1.x
michael_dehaan / cobbler	0.3.6	0.3.6.x
michael_dehaan / cobbler	1.6.5-1	1.6.5-1.x

Vulnerability Database

289,697

CVE-2010-4512