Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2010/12/02 12:0 a.m.18 views

SuSE 11 Security Update : puppet (SAT Patch Number 2113)

pupped created temporary files with fixed names. Local attacks could exploit that to install symlinks that overwrite files of the victim. CVE-2010-0156 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update...

3.3CVSS5.3AI score0.00325EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2010/06/02 12:0 a.m.27 views

openSUSE Security Update : puppet (openSUSE-SU-2010:0306-1)

pupped created temporary files with fixed names. Local attacks could exploit that to install symlinks that overwrite files of the victim CVE-2010-0156. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

3.3CVSS5.3AI score0.00325EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2010/06/02 12:0 a.m.22 views

openSUSE Security Update : puppet (openSUSE-SU-2010:0306-1)

pupped created temporary files with fixed names. Local attacks could exploit that to install symlinks that overwrite files of the victim CVE-2010-0156. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

3.3CVSS5.3AI score0.00325EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2010/03/31 12:0 a.m.32 views

Ubuntu: Security Advisory (USN-917-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.7CVSS6.5AI score0.00377EPSS
Exploits1References2
securityvulns
securityvulns
added 2010/03/25 12:0 a.m.44 views

[USN-917-1] Puppet vulnerabilities

=========================================================== Ubuntu Security Notice USN-917-1 March 24, 2010 puppet vulnerabilities CVE-2009-3564, CVE-2010-0156 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 9.10 This...

4.7CVSS0.00377EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2010/03/25 12:0 a.m.26 views

Ubuntu 9.10 : puppet vulnerabilities (USN-917-1)

It was discovered that Puppet did not drop supplementary groups when being run as a different user. A local user may be able to use this flaw to bypass security restrictions and gain access to restricted files. CVE-2009-3564 It was discovered that Puppet did not correctly handle temporary files. ...

4.7CVSS5.7AI score0.00377EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2010/03/24 12:40 p.m.50 views

USN-917-1: Puppet vulnerabilities

It was discovered that Puppet did not drop supplementary groups when being run as a different user. A local user may be able to use this flaw to bypass security restrictions and gain access to restricted files. CVE-2009-3564 It was discovered that Puppet did not correctly handle temporary files. ...

4.7CVSS5.4AI score0.00377EPSS
Exploits1
OpenVAS
OpenVAS
added 2010/03/05 12:0 a.m.20 views

Fedora Update for puppet FEDORA-2010-1079

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

3.3CVSS6.5AI score0.00325EPSS
Exploits0References2
CVE
CVE
added 2010/03/03 7:0 p.m.65 views

CVE-2010-0156

CVE-2010-0156 : Puppet 0.24.x up to 0.24.9 and 0.25.x up to 0.25.2 is vulnerable to a local symlink attack that lets unprivileged users overwrite arbitrary files via temporary files: /tmp/daemonout, /tmp/puppetdoc.txt, /tmp/puppetdoc.tex, or /tmp/puppetdoc. Root cause: insecure handling of tempor...

3.3CVSS6.1AI score0.00325EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder