Gentoo Security Advisory GLSA 201208-02 (Puppet)

The remote host is missing updates announced in advisory GLSA 201208-02. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

CVE-2012-1906

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 uses predictable file names when installing Mac OS X packages from a remote source, which allows local users to overwrite arbitrary files or install arbitrary packages...

DEBIAN-CVE-2012-1906

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 uses predictable file names when installing Mac OS X packages from a remote source, which allows local users to overwrite arbitrary files or install arbitrary packages...

CVE-2012-1906

CVE-2012-1906 affects Puppet 2.6.x (before 2.6.15), 2.7.x (before 2.7.13), and Puppet Enterprise users 1.0–2.5.x before 2.5.1. The root cause is the use of predictable file names when installing Mac OS X packages from a remote source, enabling a local attacker to overwrite arbitrary files or inst...

FreeBSD Ports: puppet

The remote host is missing an update to the system as announced in the referenced advisory. VID 607d2108-a0e4-423a-bf78-846f2a8f01b0 OpenVAS Vulnerability Test $ Description: Auto generated from VID 607d2108-a0e4-423a-bf78-846f2a8f01b0 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Debian: Security Advisory (DSA-2451-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 2451-1] puppet security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2451-1 [email protected] http://www.debian.org/security/ Nico Golde April 13, 2012 http://www.debian.org/security/faq -...

USN-1419-1: Puppet vulnerabilities

It was discovered that Puppet used a predictable filename when downloading Mac OS X package files. A local attacker could exploit this to overwrite arbitrary files. CVE-2012-1906 It was discovered that Puppet incorrectly handled filebucket retrieval requests. A local attacker could exploit this t...