14 DAY TRIAL // On November 6, Canonical published details about MAAS vulnerabilities for its Ubuntu 13.04, Ubuntu 12.10, and Ubuntu 12.04 LTS.
According to the company, MAAS could have been made to run programs as an administrator.
It has been discovered that maas-import-pxe-files incorrectly loaded configuration information from the current working directory. A local attacker could execute code as an administrator if maas-import-pxe-files were run from an attacker-controlled directory
For a more detailed description of the security problems, you can visit Canonical's security notification.
Users can simply fix the security flaws by upgrading the operating systems to the latest maas-cluster-controller packages specific to each distribution.
A normal system update, executed with the Update Manager, will implement all the necessary changes. A restart of your computer is needed to complete the procedure.