logo
DATABASE RESOURCES PRICING ABOUT US

Ubuntu 10.04 LTS : puppet regression (USN-1223-2)

Description

USN-1223-1 fixed vulnerabilities in Puppet. A regression was found on Ubuntu 10.04 LTS that caused permission denied errors when managing SSH authorized_keys files with Puppet. This update fixes the problem. We apologize for the inconvenience. It was discovered that Puppet unsafely opened files when the k5login type is used to manage files. A local attacker could exploit this to overwrite arbitrary files which could be used to escalate privileges. (CVE-2011-3869) Ricky Zhou discovered that Puppet did not drop privileges when creating SSH authorized_keys files. A local attacker could exploit this to overwrite arbitrary files as root. (CVE-2011-3870) It was discovered that Puppet used a predictable filename when using the --edit resource. A local attacker could exploit this to edit arbitrary files or run arbitrary code as the user invoking the program, typically root. (CVE-2011-3871). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.


Related