Lucene search
K

131 matches found

UbuntuCve
UbuntuCve
added 2017/06/30 8:29 p.m.18 views

CVE-2017-2292

Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safeload, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safeload on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a...

9CVSS7.2AI score0.0218EPSS
Exploits0References3
Prion
Prion
added 2017/06/30 8:29 p.m.17 views

Path traversal

The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a server-specified identifier as part of a path where a file is written. A compromised server could use this to write a file to an arbitrary location on the client with the filename appended with the string "pub.pem"...

4.3CVSS6.5AI score0.01494EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2017/06/30 8:29 p.m.12 views

Code injection

Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safeload, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safeload on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a...

7.5CVSS9.2AI score0.0218EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/06/30 8:29 p.m.15 views

CVE-2017-2298

The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a server-specified identifier as part of a path where a file is written. A compromised server could use this to write a file to an arbitrary location on the client with the filename appended with the string "pub.pem"...

6.5CVSS6.5AI score0.01494EPSS
Exploits0References3
OSV
OSV
added 2017/06/30 8:29 p.m.10 views

CVE-2017-2292

Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safeload, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safeload on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a...

9CVSS7.4AI score0.0218EPSS
Exploits0References2
OSV
OSV
added 2017/06/30 8:29 p.m.20 views

CVE-2017-2298

The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a server-specified identifier as part of a path where a file is written. A compromised server could use this to write a file to an arbitrary location on the client with the filename appended with the string "pub.pem"...

6.5CVSS7AI score0.01494EPSS
Exploits0References3
OSV
OSV
added 2017/06/30 8:29 p.m.4 views

UBUNTU-CVE-2017-2292

Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safeload, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safeload on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a...

9CVSS7.8AI score0.0218EPSS
Exploits0References4
CVE
CVE
added 2017/06/30 8:0 p.m.72 views

CVE-2017-2292

CVE-2017-2292 affects MCollective prior to 2.10.4, where YAML from agents was deserialized without safe_load, enabling potential arbitrary code execution on the server. The documented fix is to use YAML.safe_load on input. This issue has been tested with Puppet-provided MCollective plugins, but t...

9CVSS9.1AI score0.0218EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2017/06/30 8:0 p.m.31 views

CVE-2017-2292

Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safeload, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safeload on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a...

9CVSS9.3AI score0.0218EPSS
Exploits0
Cvelist
Cvelist
added 2017/06/30 8:0 p.m.21 views

CVE-2017-2292

Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safeload, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safeload on input. This has been tested in all Puppet-supplied MCollective plugins, but there is a...

9.2AI score0.0218EPSS
Exploits0References2
CVE
CVE
added 2017/06/30 8:0 p.m.59 views

CVE-2017-2298

The CVE-2017-2298 entry concerns the mcollective-sshkey-security plugin for Puppet prior to version 0.5.1. The root cause is that the plugin uses a server-specified identifier as part of the path where a file is written, enabling a compromised server to cause a file to be written to an arbitrary ...

6.5CVSS6.5AI score0.01494EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/06/30 8:0 p.m.25 views

CVE-2017-2298

The mcollective-sshkey-security plugin before 0.5.1 for Puppet uses a server-specified identifier as part of a path where a file is written. A compromised server could use this to write a file to an arbitrary location on the client with the filename appended with the string "pub.pem"...

6.6AI score0.01494EPSS
Exploits0References3
CNVD
CNVD
added 2017/03/07 12:0 a.m.3 views

mcollective-puppet-agent elevation of privilege vulnerability

Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs in the United States, which can be used to manage configuration files, users, cron tasks, packages, system services, etc. mcollective-puppet-agent is a framework used to run agents in Puppet...

9CVSS6.8AI score0.01226EPSS
Exploits0References1
NVD
NVD
added 2017/03/03 3:59 p.m.11 views

CVE-2017-2290

On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non-administrator user can create an executable that will be executed with administrator privileges on the next "mco puppet" run. Puppet Enterprise users are not affected. This is resolved in mcollective-puppet-age...

9CVSS8.7AI score0.01226EPSS
Exploits0References2
Prion
Prion
added 2017/03/03 3:59 p.m.9 views

Design/Logic Flaw

On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non-administrator user can create an executable that will be executed with administrator privileges on the next "mco puppet" run. Puppet Enterprise users are not affected. This is resolved in mcollective-puppet-age...

9CVSS8.6AI score0.01226EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/03/03 3:59 p.m.12 views

CVE-2017-2290

On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non-administrator user can create an executable that will be executed with administrator privileges on the next "mco puppet" run. Puppet Enterprise users are not affected. This is resolved in mcollective-puppet-age...

8.8CVSS6.8AI score0.01226EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/03/03 3:0 p.m.17 views

CVE-2017-2290

On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non-administrator user can create an executable that will be executed with administrator privileges on the next "mco puppet" run. Puppet Enterprise users are not affected. This is resolved in mcollective-puppet-age...

8.7AI score0.01226EPSS
Exploits0References2
CVE
CVE
added 2017/03/03 3:0 p.m.49 views

CVE-2017-2290

On Windows installations of the mcollective-puppet-agent plugin (version 1.12.0), a non-administrator can place an executable that will run with administrator privileges on the next mco puppet run. Puppet Enterprise users are not affected. The issue is resolved in mcollective-puppet-agent 1.12.1....

9CVSS8.6AI score0.01226EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/02/13 6:59 p.m.21 views

CVE-2016-2788

MCollective 2.7.0 and 2.8.x before 2.8.9, as used in Puppet Enterprise, allows remote attackers to execute arbitrary code via vectors related to the mco ping command...

9.8CVSS9.7AI score0.02284EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/02/13 6:59 p.m.14 views

CVE-2016-2788

MCollective 2.7.0 and 2.8.x before 2.8.9, as used in Puppet Enterprise, allows remote attackers to execute arbitrary code via vectors related to the mco ping command...

9.8CVSS7.6AI score0.02284EPSS
Exploits0References2
Rows per page
Query Builder