Lucene search
MitreCVELIST:CVE-2011-3871HistoryOct 27, 2011 - 8:00 p.m.
CVE-2011-3871
2011-10-2720:00:00
mitre
www.cve.org
7
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when running in --edit mode, uses a predictable file name, which allows local users to run arbitrary Puppet code or trick a user into editing arbitrary files.
References
groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb
lists.fedoraproject.org/pipermail/package-announce/2011-October/068053.html
lists.fedoraproject.org/pipermail/package-announce/2011-October/068061.html
lists.fedoraproject.org/pipermail/package-announce/2011-October/068093.html
secunia.com/advisories/46458
www.debian.org/security/2011/dsa-2314
www.ubuntu.com/usn/USN-1223-1
www.ubuntu.com/usn/USN-1223-2
puppet.com/security/cve/cve-2011-3871
Related
rubygems
rubygems
Puppet uses predictable filenames, allowing arbitrary file overwrite
2011-10-26 20:00:00
osv
osv
Puppet uses predictable filenames, allowing arbitrary file overwrite
2022-05-14 00:56:55
puppet - several
2011-10-03 00:00:00
debiancve
debiancve
CVE-2011-3871
2011-10-27 20:55:01
prion
prion
Code injection
2011-10-27 20:55:00
nvd
nvd
CVE-2011-3871
2011-10-27 20:55:01
ubuntucve
ubuntucve
CVE-2011-3871
2011-10-01 00:00:00
github
github
Puppet uses predictable filenames, allowing arbitrary file overwrite
2022-05-14 00:56:55
cve
cve
CVE-2011-3871
2011-10-27 20:55:01
nessus
nessus
Amazon Linux AMI : puppet (ALAS-2011-11)
2013-09-04 00:00:00
Fedora 14 : puppet-2.6.6-3.fc14 (2011-13633)
2011-10-17 00:00:00
Ubuntu 10.04 LTS : puppet regression (USN-1223-2)
2011-10-06 00:00:00
openvas
openvas
Ubuntu Update for puppet USN-1223-2
2011-10-10 00:00:00
Ubuntu: Security Advisory (USN-1223-2)
2011-10-10 00:00:00
Ubuntu Update for puppet USN-1223-1
2011-10-04 00:00:00
ubuntu
ubuntu
Puppet vulnerabilities
2011-09-30 00:00:00
Puppet regression
2011-10-05 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: puppet-2.6.6-3.fc16
2011-10-16 00:58:38
[SECURITY] Fedora 15 Update: puppet-2.6.6-3.fc15
2011-10-15 20:25:52
[SECURITY] Fedora 14 Update: puppet-2.6.6-3.fc14
2011-10-15 20:28:07
amazon
amazon
Medium: puppet
2011-10-31 18:22:00
securityvulns
securityvulns
[USN-1223-1] Puppet vulnerabilities
2011-10-01 00:00:00
Puppet multiple security vulnerabilities
2011-11-27 00:00:00
debian
debian
[SECURITY] [DSA 2314-1] puppet security update
2011-10-03 17:13:49
[BSA-051] Security update for puppet
2011-10-03 14:58:37
gentoo
gentoo
Puppet: Multiple vulnerabilities
2012-03-06 00:00:00