13 matches found
Mageia: Security Advisory (MGASA-2013-0259)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for puppet FEDORA-2014-0850
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Puppet 2.7.x / 3.2.x < 2.7.23 / 3.2.4 and Enterprise 2.8.x / 3.0.x < 2.8.3 / 3.0.1 Multiple Vulnerabilities
According to its self-reported version number, the Puppet install on the remote host has multiple vulnerabilities: - By using the 'resourcetype' service, an attacker could cause Puppet to load arbitrary Ruby files from the Puppet Master node's file system. While this behavior is not enabled by...
[USN-1928-1] Puppet vulnerabilities
========================================================================== Ubuntu Security Notice USN-1928-1 August 15, 2013 puppet vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Critical: Red Hat Security Advisory: ruby193-puppet security update
Updated ruby193-puppet packages that fix three security issues are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Debian DSA-2761-1 : puppet - several vulnerabilities
Several vulnerabilities were discovered in puppet, a centralized configuration management system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-4761 The 'resourcetype' service disabled by default could be used to make puppet load arbitrary Ruby co...
[SECURITY] [DSA 2761-1] puppet security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2761-1 [email protected] http://www.debian.org/security/ Raphael Geissert September 19, 2013 http://www.debian.org/security/faq -...
DSA-2761-1 puppet - several
Bulletin has no description...
CVE-2013-4956
Puppet Module Tool PMT, as used in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, installs modules with weak permissions if those permissions were used when the modules were originally built, which might allow local users to rea...
CVE-2013-4956
CVE-2013-4761 and CVE-2013-4956 affect Puppet and Puppet Enterprise. The resource_type service flaw could allow a local attacker to cause the Puppet Master to load arbitrary Ruby code from the master filesystem, given access to the Puppet Master. Puppet Module Tool (PMT) can install modules with ...
Ubuntu Update for puppet USN-1928-1
Check for the Version of puppet OpenVAS Vulnerability Test $Id: gbubuntuUSN19281.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for puppet USN-1928-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software;...
Ubuntu 12.04 LTS / 12.10 / 13.04 : puppet vulnerabilities (USN-1928-1)
It was discovered that Puppet incorrectly handled the resourcetype service. A local attacker on the master could use this issue to execute arbitrary Ruby files. CVE-2013-4761 It was discovered that Puppet incorrectly handled permissions on the modules it installed. Modules could be installed with...
Ubuntu: Security Advisory (USN-1928-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...