Lucene search

PRIOn knowledge basePRION:CVE-2011-3869

HistoryOct 27, 2011 - 8:55 p.m.

Design/Logic Flaw

2011-10-2720:55:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

Low

6.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file.

CPENameOperatorVersion
puppeteq2.6.0
puppeteq2.6.1
puppeteq2.6.2
puppeteq2.6.3
puppeteq2.6.4
puppeteq2.6.5
puppeteq2.6.6
puppeteq2.6.7
puppeteq2.6.8
puppeteq2.6.9

Name	Operator	Version
puppet	eq	2.6.0
puppet	eq	2.6.1
puppet	eq	2.6.2
puppet	eq	2.6.3
puppet	eq	2.6.4
puppet	eq	2.6.5
puppet	eq	2.6.6
puppet	eq	2.6.7
puppet	eq	2.6.8
puppet	eq	2.6.9

Rows per page:

1-10 of 231

References

secunia.com/advisories/46458

www.debian.org/security/2011/dsa-2314

www.ubuntu.com/usn/USN-1223-1

www.ubuntu.com/usn/USN-1223-2

groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb

lists.fedoraproject.org/pipermail/package-announce/2011-October/068053.html

lists.fedoraproject.org/pipermail/package-announce/2011-October/068061.html

lists.fedoraproject.org/pipermail/package-announce/2011-October/068093.html

puppet.com/security/cve/cve-2011-3869

6.6 Medium

AI Score

Confidence

Low

6.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for PRION:CVE-2011-3869