Bug 846503 - (CVE-2012-3460) CVE-2012-3460 cumin: postgresql database user created without password
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability
unspecified
All Linux
high Severity high
Assigned To: Red Hat Product Security
impact=important,public=20150206,repo...
: Security
Depends On: 846345
Blocks: 808230
Reported: 2012-08-07 21:21 EDT by Vincent Danen
Modified: 2015-02-06 18:09 EST (History)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-02-06 18:08:48 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Description Vincent Danen 2012-08-07 21:21:49 EDT
Florian Weimer reported that, when Cumin is installed, it creates a "cumin" PostgreSQL user and changes pg_hba.conf so that no password is required for authentication. This could be used to bypass role separation in Cumin; for instance, in a setup where condor_schedd runs on the same machine as Cumin, a regular Cumin user could submit a job that connects to the PostgreSQL database and alters it in such a way as to give that user administrative privileges.
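The weakness described above is a pg_hba.conf rule that admits the "cumin" role with the "trust" method, i.e. with no credential at all. The following is an added audit example, not code from the bug report, from Cumin, or from Red Hat: it parses pg_hba.conf rules (including the older "IP netmask" address form), lists every passwordless rule that reaches a given role, and shows a constructed weak configuration beside a constructed hardened one where the role must present a password. The file contents, role name and helper names are assumptions made for the example.

```python
"""Audit a pg_hba.conf for rules that grant a role access without a password.

Added example for this bug record; it is not part of Cumin or of the report.
The two configurations below are constructed: WEAK_CONF resembles what the
report describes (the "cumin" role reachable with the "trust" method),
HARDENED_CONF is the same file with a password-based method instead.
"""
from dataclasses import dataclass
from typing import List, Optional

# Authentication methods PostgreSQL accepts in the METHOD column.
KNOWN_METHODS = {
    "trust", "reject", "md5", "password", "scram-sha-256", "gss", "sspi",
    "ident", "peer", "ldap", "radius", "cert", "pam", "bsd",
}
# Methods that let any client connect as the role with no credential at all.
PASSWORDLESS_METHODS = {"trust"}


@dataclass
class HbaRule:
    conn_type: str   # local, host, hostssl, hostnossl
    database: str
    user: str
    address: str     # "" for local (Unix socket) rules
    method: str
    lineno: int


def parse_pg_hba(text: str) -> List[HbaRule]:
    """Parse pg_hba.conf lines into rules, in file order (first match wins)."""
    rules: List[HbaRule] = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        f = line.split()
        if f[0] == "local":
            if len(f) < 4:
                continue                        # malformed; the server would reject it
            rules.append(HbaRule(f[0], f[1], f[2], "", f[3], lineno))
            continue
        if len(f) < 5:
            continue
        # ADDRESS may be CIDR ("127.0.0.1/32") or an IP followed by a separate
        # netmask column; in the latter case the method is the sixth field.
        if f[4].lower() in KNOWN_METHODS or len(f) < 6:
            address, method = f[3], f[4]
        else:
            address, method = f[3] + " " + f[4], f[5]
        rules.append(HbaRule(f[0], f[1], f[2], address, method, lineno))
    return rules


def passwordless_rules(rules: List[HbaRule], role: Optional[str] = None) -> List[HbaRule]:
    """Rules that admit clients with no credential; if `role` is given, only
    those covering it directly or through the "all" wildcard."""
    hits = []
    for r in rules:
        if r.method.lower() not in PASSWORDLESS_METHODS:
            continue
        if role is not None and r.user not in (role, "all"):
            continue
        hits.append(r)
    return hits


# Constructed sample: the shape of the weak configuration the report describes.
WEAK_CONF = """\
# TYPE  DATABASE  USER   ADDRESS                      METHOD
local   all       all                                 peer
host    cumin     cumin  127.0.0.1/32                 trust
host    all       all    127.0.0.1  255.255.255.255   md5
"""

# Constructed hardened counterpart: the cumin role must present a password.
# (On PostgreSQL 10 and later, scram-sha-256 is preferable to md5.)
HARDENED_CONF = """\
local   all       all                                 peer
host    cumin     cumin  127.0.0.1/32                 md5
"""


def audit(text: str, role: str) -> List[str]:
    """Human-readable findings for every passwordless rule reaching `role`."""
    return [
        f"line {r.lineno}: {r.conn_type} {r.database} {r.user} "
        f"{r.address or '(socket)'} -> {r.method}"
        for r in passwordless_rules(parse_pg_hba(text), role)
    ]


if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        findings = audit(conf, "cumin")
        print(f"{name}: {len(findings)} passwordless rule(s) for cumin")
        for line in findings:
            print("  " + line)
```

Because PostgreSQL applies the first matching rule, the audit walks the file in order and reports line numbers, so a "trust" rule that precedes a stricter one for the same role is still flagged. Switching the method alone is not enough: the role also needs a password set (ALTER ROLE ... PASSWORD) and the server needs a reload for the new pg_hba.conf to take effect.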
