Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2023/10/23 12:0 a.m.35 views

Ubuntu 16.04 ESM : Puppet vulnerabilities (USN-4804-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4804-1 advisory. It was discovered that Puppet installed modules with world writable permissions. An attacker could use this vulnerability to execute arbitrary code or...

8.2CVSS7.8AI score0.02375EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.34 views

Ubuntu: Security Advisory (USN-4804-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS6.8AI score0.02375EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2018-0199)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.9AI score0.00363EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/03/27 12:0 a.m.22 views

Fedora 27 : puppet (2018-45d8b8ae21)

Update to latest puppet 4 release 4.10.10. Fixing a minor security issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

5.5CVSS6.2AI score0.00363EPSS
Exploits0References2
OSV
OSV
added 2018/03/05 9:41 a.m.4 views

SUSE-SU-2018:0602-1 Security update for rubygem-puppet

This update for rubygem-puppet fixes the following issues: - CVE-2017-10689: Reset permissions when unpacking tar in PMT. When using minitar, files were unpacked with whatever permissions are in the tarball. This is potentially unsafe, as tarballs can be easily created with weird permissions...

5.5CVSS5.8AI score0.00363EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/03/02 12:0 a.m.31 views

SUSE SLED12 Security Update : puppet (SUSE-SU-2018:0571-1)

This update for puppet fixes the following issues : - CVE-2017-10689: Reset permissions when unpacking tar in PMT. When using minitar, files were unpacked with whatever permissions are in the tarball. This is potentially unsafe, as tarballs can be easily created with weird permissions bsc1080288...

5.5CVSS6.2AI score0.00363EPSS
Exploits0References4
OSV
OSV
added 2018/03/01 1:34 p.m.11 views

SUSE-SU-2018:0571-1 Security update for puppet

This update for puppet fixes the following issues: - CVE-2017-10689: Reset permissions when unpacking tar in PMT. When using minitar, files were unpacked with whatever permissions are in the tarball. This is potentially unsafe, as tarballs can be easily created with weird permissions bsc1080288...

5.5CVSS5.8AI score0.00363EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/02/20 12:0 a.m.38 views

openSUSE Security Update : rubygem-puppet (openSUSE-2018-174)

This update for rubygem-puppet fixes the following issues : - CVE-2017-10689: Reset permissions when unpacking tar in PMT. When using minitar, files are unpacked with whatever permissions are in the tarball. This is potentially unsafe, as tarballs can be easily created with weird permissions...

5.5CVSS6.1AI score0.00363EPSS
Exploits0References2
OSV
OSV
added 2018/02/09 8:29 p.m.28 views

CVE-2017-10689

In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability...

5.5CVSS5.7AI score0.00363EPSS
Exploits0References3
CVE
CVE
added 2018/02/09 8:0 p.m.129 views

CVE-2017-10689

CVE-2017-10689 affects Puppet-related tarball handling. According to connected advisories, Puppet could install modules with insecure permissions when unpacking tarballs, potentially enabling local code execution. Root cause: tar/mini.rb unpacking may preserve or impose unsafe permissions from th...

5.5CVSS5.5AI score0.00363EPSS
Exploits0References3Affected Software2
RedhatCVE
RedhatCVE
added 2018/02/07 8:16 a.m.31 views

CVE-2017-10689

In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability...

5.5CVSS3.9AI score0.00363EPSS
Exploits0References1
OSV
OSV
added 2017/12/31 12:0 a.m.5 views

UBUNTU-CVE-2017-10689

In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability...

5.5CVSS6.3AI score0.00363EPSS
Exploits0References5
Rows per page
Query Builder