16 matches found
Mageia: Security Advisory (MGASA-2013-0259)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0510-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Solaris Third-Party Patch Update : puppet (multiple_vulnerabilities_in_puppet)
The remote Solaris system is missing necessary patches to address security updates : - Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from t...
Fedora Update for puppet FEDORA-2014-0850
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Puppet 2.7.x / 3.2.x < 2.7.23 / 3.2.4 and Enterprise 2.8.x / 3.0.x < 2.8.3 / 3.0.1 Multiple Vulnerabilities
According to its self-reported version number, the Puppet install on the remote host has multiple vulnerabilities: - By using the 'resourcetype' service, an attacker could cause Puppet to load arbitrary Ruby files from the Puppet Master node's file system. While this behavior is not enabled by...
[USN-1928-1] Puppet vulnerabilities
========================================================================== Ubuntu Security Notice USN-1928-1 August 15, 2013 puppet vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Critical: Red Hat Security Advisory: ruby193-puppet security update
Updated ruby193-puppet packages that fix three security issues are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Debian DSA-2761-1 : puppet - several vulnerabilities
Several vulnerabilities were discovered in puppet, a centralized configuration management system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-4761 The 'resourcetype' service disabled by default could be used to make puppet load arbitrary Ruby co...
[SECURITY] [DSA 2761-1] puppet security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2761-1 [email protected] http://www.debian.org/security/ Raphael Geissert September 19, 2013 http://www.debian.org/security/faq -...
DSA-2761-1 puppet - several
Bulletin has no description...
CVE-2013-4761
Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from the master via the resourcetype service. NOTE: this vulnerability can only be exploited...
CVE-2013-4761
Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from the master via the resourcetype service. NOTE: this vulnerability can only be exploited...
CVE-2013-4761
The CVE-2013-4761 issue affects Puppet and Puppet Enterprise: remote attackers can execute arbitrary Ruby code from the master via the resource_type service, exploiting it only when local file system access to the Puppet Master is possible. Affected lines include Puppet 2.7.x before 2.7.23, 3.2.x...
Ubuntu Update for puppet USN-1928-1
Check for the Version of puppet OpenVAS Vulnerability Test $Id: gbubuntuUSN19281.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for puppet USN-1928-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software;...
Ubuntu 12.04 LTS / 12.10 / 13.04 : puppet vulnerabilities (USN-1928-1)
It was discovered that Puppet incorrectly handled the resourcetype service. A local attacker on the master could use this issue to execute arbitrary Ruby files. CVE-2013-4761 It was discovered that Puppet incorrectly handled permissions on the modules it installed. Modules could be installed with...
Ubuntu: Security Advisory (USN-1928-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...