CVE-2012-3537

N/A Unknown
Published: September 05, 2012 Modified: April 29, 2026
View on NVD

Description

The Crowbar Ohai plugin (chef/cookbooks/ohai/files/default/plugins/crowbar.rb) in the Deployer Barclamp in Crowbar, possibly 1.4 and earlier, allows local users to execute arbitrary shell commands via vectors related to "insecure handling of tmp files" and predictable file names.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://osvdb.org/84955
Source: secalert@redhat.com
http://secunia.com/advisories/50442
Source: secalert@redhat.com
Vendor Advisory
http://www.openwall.com/lists/oss-security/2012/08/27/5
Source: secalert@redhat.com
http://www.openwall.com/lists/oss-security/2012/08/27/7
Source: secalert@redhat.com
http://www.securityfocus.com/bid/55240
Source: secalert@redhat.com
https://bugzilla.novell.com/show_bug.cgi?id=774967
Source: secalert@redhat.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/78041
Source: secalert@redhat.com
https://github.com/SUSE-Cloud/barclamp-deployer/commit/5ea8d4ddaa4cb1ce834d36889f0fe7ac0d617bc8
Source: secalert@redhat.com
Exploit Patch
https://github.com/SUSE-Cloud/barclamp-deployer/commit/b6454268a067fc77ff5de82057b5b53b3cc38b87
Source: secalert@redhat.com
Exploit Patch
https://github.com/dellcloudedge/barclamp-deployer/pull/57
Source: secalert@redhat.com
http://osvdb.org/84955
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/50442
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.openwall.com/lists/oss-security/2012/08/27/5
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.openwall.com/lists/oss-security/2012/08/27/7
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/55240
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.novell.com/show_bug.cgi?id=774967
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/78041
Source: af854a3a-2127-422b-91ae-364da2661108
https://github.com/SUSE-Cloud/barclamp-deployer/commit/5ea8d4ddaa4cb1ce834d36889f0fe7ac0d617bc8
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Patch
https://github.com/SUSE-Cloud/barclamp-deployer/commit/b6454268a067fc77ff5de82057b5b53b3cc38b87
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Patch
https://github.com/dellcloudedge/barclamp-deployer/pull/57
Source: af854a3a-2127-422b-91ae-364da2661108

20 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.6%
44th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-264

Affected Vendors

dell

Related CVEs

CVE-2026-8023 7.5
CVE-2026-7656 8.1
CVE-2026-51219 N/A
CVE-2026-51218 N/A
CVE-2026-10648 6.2