4 matches found
Gentoo Security Advisory GLSA 201412-15
Gentoo Linux Local Security Checks GLSA 201412-15 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Puppet Enterprise 2.8.x / 3.2.x Multiple Vulnerabilities
According to its self-reported version number, the Puppet Enterprise application installed on the remote host is version 2.8.x or 3.2.x. It is, therefore, affected by multiple vulnerabilities : - An error exists in the 'dossl3write' function that permits a NULL pointer to be dereferenced, which...
CVE-2014-3251
The MCollective aessecurity plugin, as used in Puppet Enterprise before 3.3.0 and Mcollective before 2.5.3, does not properly validate new server certificates based on the CA certificate, which allows local users to establish unauthorized Mcollective connections via unspecified vectors related to...
CVE-2014-3251
CVE-2014-3251 affects the MCollective aes_security plugin used with Puppet Enterprise before 3.3.0 and MCollective before 2.5.3. The issue is improper validation of new server certificates based on the CA certificate, allowing a local attacker to establish unauthorized MCollective connections via...