GitHub Advisory DatabaseGHSA-MPMX-GM5V-Q789Puppet uses predictable filenames, allowing arbitrary file overwrite
6.6 Medium
AI Score
Confidence
Low
6.2 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when running in --edit mode, uses a predictable file name, which allows local users to run arbitrary Puppet code or trick a user into editing arbitrary files.
References
groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb
lists.fedoraproject.org/pipermail/package-announce/2011-October/068053.html
lists.fedoraproject.org/pipermail/package-announce/2011-October/068061.html
lists.fedoraproject.org/pipermail/package-announce/2011-October/068093.html
www.debian.org/security/2011/dsa-2314
www.ubuntu.com/usn/USN-1223-1
www.ubuntu.com/usn/USN-1223-2
github.com/advisories/GHSA-mpmx-gm5v-q789
github.com/puppetlabs/puppet/commit/343c7bd381b63e042d437111718918f951d9b30d
github.com/puppetlabs/puppet/commit/d76c30935460ded953792dfe49f72b8c5158e899
github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2011-3871.yml
nvd.nist.gov/vuln/detail/CVE-2011-3871
puppet.com/security/cve/cve-2011-3871
Related
6.6 Medium
AI Score
Confidence
Low
6.2 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%