11 matches found
EUVD-2016-3859
Malware in sbrugna...
SUSE CVE-2016-2786
The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before 1.3.6 does not properly validate server certificates, which might allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate...
Puppet Agent Arbitrary Code Execution Vulnerability
Puppet is the United States Puppet Labs a set of client / server C / S architecture based on the configuration management tools . Puppet Agent for Windows is one of the Windows platform based on the agent program . A security vulnerability exists in Puppet Agent for Windows versions 1.10.x prior ...
Privilege escalation
Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2 on Windows only, with a specially crafted configuration file an attacker could get pxp-agent to load arbitrary code with privilege escalation...
Puppet Agent PXP agent code execution vulnerability
Puppet Agent is a set of client tools for viewing configuration files from Puppet Labs in the U.S. Puppet Execution Protocol PXP agent is one of the Puppet Execution Protocol tools. A code execution vulnerability exists in the PXP agent in Puppet Agent versions 1.3.0 through 1.5.x. The...
CVE-2016-2786
The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before 1.3.6 does not properly validate server certificates, which might allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate...
CVE-2016-2786
The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before 1.3.6 does not properly validate server certificates, which might allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate...
CVE-2016-2786
The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before 1.3.6 does not properly validate server certificates, which might allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate...
Code injection
The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before 1.3.6 does not properly validate server certificates, which might allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate...
CVE-2016-2786
The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before 1.3.6 does not properly validate server certificates, which might allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate...
CVE-2016-2786
The CVE-2016-2786 entry affects the pxp-agent component in Puppet Enterprise 2015.3.x (before 2015.3.3) and Puppet Agent 1.3.x (before 1.3.6), where improper validation of server certificates may allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate. Thi...