Lucene search
K

16 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.2 views

SUSE CVE-2013-4969

Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise PE before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files...

2.1CVSS6.7AI score0.00428EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2014-0084)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.1CVSS6.6AI score0.00428EPSS
Exploits1References5
OSV
OSV
added 2014/06/30 3:48 p.m.14 views

SUSE-RU-2015:0696-1 Security update for puppet

Puppet was updated to fix the following security issues: Unsafe use of temporary files. CVE-2013-4969 Arbitrary code execution with required social engineering. CVE-2014-3248, CVE-2014-3250 Security Issues references: CVE-2014-3248 CVE-2013-4969 CVE-2014-3250...

7.5CVSS6.8AI score0.03408EPSS
Exploits2References15
Tenable Nessus
Tenable Nessus
added 2014/03/21 12:0 a.m.39 views

Puppet Enterprise 3.x < 3.1.1 Multiple Vulnerabilities

According to its self-reported version number, the Puppet Enterprise 3.x install on the remote host is prior to 3.1.1. As a result, it is reportedly affected by multiple vulnerabilities : - An input validation error exists related to the included Ruby version, handling string to floating point...

6.8CVSS8AI score0.34968EPSS
Exploits6References15
OSV
OSV
added 2014/02/19 9:15 p.m.8 views

MGASA-2014-0084 Updated puppet & puppet3 packages fix CVE-2013-4969 and a regression

Updated puppet and puppet3 packages fix security vulnerability: An unsafe use of temporary files was discovered in Puppet, a tool for centralized configuration management. An attacker can exploit this vulnerability and overwrite an arbitrary file in the system CVE-2013-4969. This update also...

2.1CVSS6.6AI score0.00428EPSS
Exploits1References4
Mageia
Mageia
added 2014/02/19 9:15 p.m.38 views

Updated puppet & puppet3 packages fix CVE-2013-4969 and a regression

Updated puppet and puppet3 packages fix security vulnerability: An unsafe use of temporary files was discovered in Puppet, a tool for centralized configuration management. An attacker can exploit this vulnerability and overwrite an arbitrary file in the system CVE-2013-4969. This update also...

2.1CVSS2AI score0.00428EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/02/05 12:0 a.m.36 views

Amazon Linux AMI : puppet (ALAS-2014-288)

Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise PE before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fro...

2.1CVSS6.3AI score0.00428EPSS
Exploits1References2
Amazon
Amazon
added 2014/02/03 12:0 a.m.38 views

Low: puppet

Issue Overview: Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise PE before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files. Affected Packages: puppet Issue Correction: Run yum update puppet or yum update --advisory...

2.1CVSS6.5AI score0.00428EPSS
Exploits1
OpenVAS
OpenVAS
added 2014/01/27 12:0 a.m.29 views

Fedora Update for puppet FEDORA-2014-0850

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.1CVSS6.4AI score0.01643EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2014/01/24 12:0 a.m.27 views

Fedora 19 : puppet-3.4.2-1.fc19 (2014-0850)

Update to 3.4.2 to mitigate CVE-2013-4969 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVE...

2.1CVSS6.4AI score0.00428EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/01/24 12:0 a.m.24 views

Fedora 20 : puppet-3.4.2-1.fc20 (2014-0825)

Update to 3.4.2 to mitigate CVE-2013-4969 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVE...

2.1CVSS6.4AI score0.00428EPSS
Exploits1References3
CVE
CVE
added 2014/01/07 6:0 p.m.106 views

CVE-2013-4969

CVE-2013-4969 affects Puppet before 3.3.3 and 3.4 before 3.4.1, and Puppet Enterprise before 2.8.4 and 3.1 before 3.1.1, allowing local users to overwrite arbitrary files via a symlink attack. Connected advisories indicate fixes with Puppet packages updated to 2.7.25 (e.g., Mageia MDVSA-2014:040 ...

2.1CVSS6.1AI score0.00428EPSS
Exploits1References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/01/02 12:0 a.m.36 views

Debian DSA-2831-1 : puppet - insecure temporary files

An unsafe use of temporary files was discovered in Puppet, a tool for centralized configuration management. An attacker can exploit this vulnerability and overwrite an arbitrary file in the system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...

2.1CVSS6.6AI score0.00428EPSS
Exploits1References4
Debian
Debian
added 2013/12/31 4:46 p.m.24 views

[SECURITY] [DSA 2831-1] puppet security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2831-1 [email protected] http://www.debian.org/security/ Luciano Bello December 31, 2013 http://www.debian.org/security/faq -...

2.1CVSS5.8AI score0.00428EPSS
Exploits1
OpenVAS
OpenVAS
added 2013/12/31 12:0 a.m.26 views

Debian Security Advisory DSA 2831-1 (puppet - insecure temporary files)

An unsafe use of temporary files was discovered in Puppet, a tool for centralized configuration management. An attacker can exploit this vulnerability and overwrite an arbitrary file in the system. OpenVAS Vulnerability Test $Id: deb2831.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated fr...

2.1CVSS6.4AI score0.00428EPSS
Exploits1References1
seebug.org
seebug.org
added 2013/12/30 12:0 a.m.27 views

Puppet/Puppet Enterprise不安全临时文件符号链接攻击漏洞

CVE ID:CVE-2013-4969 puppet是一款Linux、Unix、windows平台的集中配置管理系统。 Puppet和Puppet Enterprise使用不安全的临时文件,允许本地攻击者使用符号链接攻击覆盖系统任意文件。 0 Puppet 3.3.2 Puppet 3.4.0 Puppet 2.8.3 Puppet 3.1.0 puppet 2.8.4和3.1.1, puppet 3.3.3和3.4.1已经修复该漏洞,建议用户下载更新: http://puppetlabs.com/...

2.1CVSS6.4AI score0.00428EPSS
Exploits1
Rows per page
Query Builder