Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.35 views

openSUSE Security Update : puppet (openSUSE-SU-2012:0891-1)

puppet was updated to fix various security issues: CVEs fixed : - bnc770828 - CVE-2012-3864: puppet: authenticated clients can read arbitrary files via a flaw in puppet master - bnc770829 - CVE-2012-3865: puppet: arbitrary file delete / Denial of Service on Puppet Master by authenticated clients ...

4.3CVSS5.5AI score0.02453EPSS
Exploits4References9
OpenVAS
OpenVAS
added 2013/04/02 12:0 a.m.28 views

Fedora Update for puppet FEDORA-2013-4187

Check for the Version of puppet OpenVAS Vulnerability Test Fedora Update for puppet FEDORA-2013-4187 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

9CVSS0.2AI score0.05375EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2013/04/02 12:0 a.m.71 views

Fedora Update for puppet FEDORA-2013-4187

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

9CVSS8.2AI score0.05375EPSS
Exploits4References2
Amazon
Amazon
added 2012/10/15 12:0 a.m.42 views

Low: puppet

Issue Overview: Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a...

4.3CVSS6AI score0.02453EPSS
Exploits4
OpenVAS
OpenVAS
added 2012/08/30 12:0 a.m.30 views

Fedora Update for puppet FEDORA-2012-10891

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

4.3CVSS6.4AI score0.02453EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2012/08/10 12:0 a.m.30 views

Debian Security Advisory DSA 2511-1 (puppet)

The remote host is missing an update to puppet announced via advisory DSA 2511-1. OpenVAS Vulnerability Test $Id: deb25111.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2511-1 puppet Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

4.3CVSS6.3AI score0.02453EPSS
Exploits4
OpenVAS
OpenVAS
added 2012/08/10 12:0 a.m.24 views

Debian: Security Advisory (DSA-2511-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.4AI score0.02453EPSS
Exploits4References3
CVE
CVE
added 2012/08/06 4:0 p.m.116 views

CVE-2012-3866

Puppet 2.7.x before 2.7.18 and Puppet Enterprise before 2.5.2 fix a local information-disclosure issue: last_run_report.yaml is created with 0644 permissions, allowing local users with puppet-master access to read sensitive configuration. The vulnerability is limited to local access; no exploitat...

2.1CVSS5.5AI score0.00481EPSS
Exploits1References7Affected Software2
Debian CVE
Debian CVE
added 2012/08/06 4:0 p.m.30 views

CVE-2012-3866

lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for lastrunreport.yaml, which allows local users to obtain sensitive configuration information by leveraging access to the puppet master server to read this file...

2.1CVSS5.6AI score0.00481EPSS
Exploits1
OpenVAS
OpenVAS
added 2012/07/30 12:0 a.m.32 views

Fedora Update for puppet FEDORA-2012-10897

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.9CVSS6.8AI score0.02632EPSS
Exploits4References2
Ubuntu
Ubuntu
added 2012/07/12 5:1 p.m.51 views

USN-1506-1: Puppet vulnerabilities

It was discovered that Puppet incorrectly handled certain HTTP GET requests. An attacker could use this flaw with a valid client certificate to retrieve arbitrary files from the Puppet primary server. CVE-2012-3864 It was discovered that Puppet incorrectly handled Delete requests. If a Puppet...

4.3CVSS5.6AI score0.02453EPSS
Exploits4
Rows per page
Query Builder