Nixpkgs Security Tracker

Untriaged

Permalink CVE-2012-0433

created 1 month ago

insecure permissions on files containing confidential data

The install-chef-suse.sh script shipped with crowbar before 2012-10-02 is creating files containing confidential data with insecure permissions, allowing local users to read confidential data.

References

https://bugzilla.suse.com/show_bug.cgi?id=783195 x_refsource_CONFIRM
https://www.suse.com/security/cve/CVE-2012-0433/ x_refsource_CONFIRM
https://bugzilla.suse.com/show_bug.cgi?id=783195 x_transferred x_refsource_CONFIRM
https://www.suse.com/security/cve/CVE-2012-0433/ x_transferred x_refsource_CONFIRM
https://bugzilla.suse.com/show_bug.cgi?id=783195 x_refsource_CONFIRM
https://www.suse.com/security/cve/CVE-2012-0433/ x_refsource_CONFIRM
https://bugzilla.suse.com/show_bug.cgi?id=783195 x_transferred x_refsource_CONFIRM
https://www.suse.com/security/cve/CVE-2012-0433/ x_transferred x_refsource_CONFIRM
https://www.suse.com/security/cve/CVE-2012-0433/ x_refsource_CONFIRM
https://bugzilla.suse.com/show_bug.cgi?id=783195 x_refsource_CONFIRM
https://bugzilla.suse.com/show_bug.cgi?id=783195 x_transferred x_refsource_CONFIRM
https://www.suse.com/security/cve/CVE-2012-0433/ x_transferred x_refsource_CONFIRM

Affected products

crowbar

<2012-10-02

Matching in nixpkgs

pkgs.crowbar

Brute forcing tool that can be used during penetration tests

nixos-unstable 2020-04-23
- nixpkgs-unstable 2020-04-23
- nixos-unstable-small 2020-04-23
nixos-25.11 2020-04-23
- nixos-25.11-small 2020-04-23
- nixpkgs-25.11-darwin 2020-04-23

pkgs.ocamlPackages.crowbar

Property fuzzing for OCaml

nixos-unstable 0.2.2
- nixpkgs-unstable 0.2.2
- nixos-unstable-small 0.2.2
nixos-25.11 0.2.1
- nixos-25.11-small 0.2.1
- nixpkgs-25.11-darwin 0.2.1

pkgs.ocamlPackages_latest.crowbar