Vulnerability Name:

CVE-2012-2653 (CCN-76536)

Assigned:2012-06-19
Published:2012-06-19
Updated:2016-11-28
Summary:arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon.
CVSS v3 Severity:4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2012-2653

Source: FEDORA
Type: UNKNOWN
FEDORA-2012-8677

Source: FEDORA
Type: UNKNOWN
FEDORA-2012-8702

Source: FEDORA
Type: UNKNOWN
FEDORA-2012-8675

Source: DEBIAN
Type: UNKNOWN
DSA-2481

Source: DEBIAN
Type: DSA-2481
arpwatch -- fails to drop supplementary groups

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2012:113

Source: MLIST
Type: UNKNOWN
[oss-security] 20120524 Re: CVE Request: powerdns does not clear supplementary groups

Source: MLIST
Type: UNKNOWN
[oss-security] 20120525 Re: CVE Request: powerdns does not clear supplementary groups

Source: MLIST
Type: UNKNOWN
[oss-security] 20120524 Re: CVE Request: powerdns does not clear supplementary groups

Source: MLIST
Type: UNKNOWN
[oss-security] 20120525 Re: CVE Request: powerdns does not clear supplementary groups

Source: CCN
Type: OSVDB ID: 82752
arpwatch on Red Hat Linux Group Privilege Escalation

Source: CCN
Type: BID-54157
arpwatch CVE-2012-2653 Security Bypass Vulnerability

Source: CCN
Type: Red Hat Bugzilla Bug 825328
CVE-2012-2653 arpwatch: fails to drop supplementary groups

Source: XF
Type: UNKNOWN
arpwatch-supplementary-security-bypass(76536)

Source: GENTOO
Type: UNKNOWN
GLSA-201607-16

Source: CCN
Type: IBM Security Bulletin 6526534 (App Connect Professional)
WebSphere Cast Iron and App Connect Professional are affected by vulnerabilities in busybox, arpwatch, apr, acpid, augeas, firefox, ctdb.

Vulnerable Configuration:Configuration 1:
  • cpe:/a:lawrence_berkeley_national_laboratory:arpwatch:2.1a15:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:ibm:websphere_cast_iron:7.5.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:app_connect:7.5.2.0:*:*:*:professional:*:*:*
  • OR cpe:/a:ibm:app_connect:7.5.3.0:*:*:*:professional:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20122653
    V
    		CVE-2012-2653
    2022-05-20
    oval:org.opensuse.security:def:32229
    P
    		Security update for ruby2.1 (Important)
    2021-12-01
    oval:org.opensuse.security:def:32153
    P
    		Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)
    2021-07-27
    oval:org.opensuse.security:def:32142
    P
    		Security update for systemd (Important)
    2021-07-21
    oval:org.opensuse.security:def:33646
    P
    		Security update for avahi (Important)
    2021-06-03
    oval:org.opensuse.security:def:32925
    P
    		Security update for hivex (Moderate)
    2021-05-26
    oval:org.opensuse.security:def:32969
    P
    		Security update for python36 (Important)
    2021-02-01
    oval:org.opensuse.security:def:32141
    P
    		Security update for MozillaFirefox (Important)
    2021-01-29
    oval:org.opensuse.security:def:28920
    P
    		Security update for postgresql, postgresql12, postgresql13 (Important)
    2021-01-26
    oval:org.opensuse.security:def:32902
    P
    		Security update for openldap2 (Moderate)
    2021-01-14
    oval:org.opensuse.security:def:28859
    P
    		Security update for postgresql12 (Important)
    2020-12-04
    oval:org.opensuse.security:def:28771
    P
    		Security update for libtasn1
    2020-12-01
    oval:org.opensuse.security:def:32457
    P
    		Security update for xorg-x11-libX11 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28143
    P
    		Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:33607
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:32601
    P
    		rsync on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28339
    P
    		Security update for php53 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32814
    P
    		zoo on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28481
    P
    		Security update for curl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29594
    P
    		Security update for arpwatch
    2020-12-01
    oval:org.opensuse.security:def:28717
    P
    		Security update for kdebase4-workspace
    2020-12-01
    oval:org.opensuse.security:def:32363
    P
    		Security update for sudo (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28132
    P
    		Security update for jasper (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28820
    P
    		Security update for Python
    2020-12-01
    oval:org.opensuse.security:def:32514
    P
    		ft2demos on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28209
    P
    		Security update for libmspack (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28876
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:32757
    P
    		openssh on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28424
    P
    		Security update for wireshark (Low)
    2020-12-01
    oval:org.opensuse.security:def:29558
    P
    		Security update for Mozilla Firefox
    2020-12-01
    oval:org.opensuse.security:def:32863
    P
    		freetype2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28565
    P
    		Security update for kdelibs4
    2020-12-01
    oval:org.opensuse.security:def:28131
    P
    		Security update for imlib2 (Moderate)
    2020-12-01
    oval:org.mitre.oval:def:18519
    P
    		DSA-2481-1 arpwatch - fails to drop supplementary groups
    2014-06-23
    oval:com.ubuntu.precise:def:20122653000
    V
    		CVE-2012-2653 on Ubuntu 12.04 LTS (precise) - medium.
    2012-07-12
    BACK
    lawrence_berkeley_national_laboratory arpwatch 2.1a15
    ibm websphere cast iron 7.5.1.0
    ibm app connect 7.5.2.0
    ibm app connect 7.5.3.0