SUSE: Security Advisory (SUSE-SU-2012:0325-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for puppet FEDORA-2012-2325

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for puppet FEDORA-2012-10897

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2012-1053

The changeuser method in the SUIDManager lib/puppet/util/suidmanager.rb in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors...

CVE-2012-1053

CVE-2012-1053 affects Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, plus Puppet Enterprise (PE) Users 1.0–2.0.x before 2.0.3. The vulnerability lies in the SUIDManager’s change_user method, which fails to drop supplementary groups in certain cases, allows eguid/egid mismatches, and can add ...

Fedora Update for puppet FEDORA-2012-6055

Check for the Version of puppet OpenVAS Vulnerability Test Fedora Update for puppet FEDORA-2012-6055 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Fedora Update for puppet FEDORA-2012-5999

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for puppet FEDORA-2012-2415

Check for the Version of puppet OpenVAS Vulnerability Test Fedora Update for puppet FEDORA-2012-2415 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Fedora Update for puppet FEDORA-2012-2415

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

[BSA-065] Security Update for puppet

Micah Anderson uploaded new packages for puppet which fixed the following security problems: CVE-2012-1053 and CVE-2012-1054 CVE-2012-1053 Puppet runs execs with an unintended group privileges, potentially leading to privilege escalation. CVE-2012-1054 The k5login type writes to untrusted...

Debian Security Advisory DSA 2419-1 (puppet)

The remote host is missing an update to puppet announced via advisory DSA 2419-1. OpenVAS Vulnerability Test $Id: deb24191.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2419-1 puppet Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Fedora 16 : puppet-2.6.14-1.fc16 (2012-2415)

Please refer to the upstream release notes for details : http://projects.puppetlabs.com/projects/1/wiki/ReleaseNotes2.6.14 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...

Fedora 15 : puppet-2.6.14-1.fc15 (2012-2367)

Please refer to the upstream release notes for details : http://projects.puppetlabs.com/projects/1/wiki/ReleaseNotes2.6.14 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...

[SECURITY] [DSA 2419-1] puppet security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2419-1 [email protected] http://www.debian.org/security/ Florian Weimer February 27, 2012 http://www.debian.org/security/faq -...

SuSE 11.1 Security Update : puppet (SAT Patch Number 5876)

This update of puppet fixes two vulnerabilities that could potentially be exploited by local attackers to escalate privileges due to improper privilege dropping and file handling issues symlink flaws in puppet. CVE-2012-1053 / CVE-2012-1054 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Debian DSA-2419-1 : puppet - several vulnerabilities

Two vulnerabilities were discovered in Puppet, a centralized configuration management tool. - CVE-2012-1053 Puppet runs execs with an unintended group privileges, potentially leading to privilege escalation. - CVE-2012-1054 The k5login type writes to untrusted locations, enabling local users to...

[SECURITY] [DSA 2419-1] puppet security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2419-1 [email protected] http://www.debian.org/security/ Florian Weimer February 27, 2012 http://www.debian.org/security/faq -...