CVE-2012-2653 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2012-2653 Interim 1 17 2023-12-08T02:52:12Z current 2021-05-30T13:03:50Z 2023-12-08T02:52:12Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2012-2653 arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2012-August/000205.html E-Mail link for SUSE-SU-2012:0987-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Server 11 SP1-TERADATA arpwatch-2.1a15-131.23.2.1 arpwatch-2.1a15-131.23.2.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon. CVE-2012-2653 SUSE Linux Enterprise Server 11 SP1-TERADATA:arpwatch-2.1a15-131.23.2.1 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C