29 matches found
CVE-2013-3567
Summary: CVE-2013-3567 affects Puppet 2.7.x < 2.7.22, 3.2.x < 3.2.2, and Puppet Enterprise = 2.7.22 for 2.7.x, >= 3.2.2 for 3.2.x, or >= 2.8.2 for Puppet Enterprise.
CVE-2012-3866
Puppet 2.7.x before 2.7.18 and Puppet Enterprise before 2.5.2 are affected by a local information-disclosure issue: last_run_report.yaml is created with 0644 permissions, allowing local users with puppet-master access to read sensitive configuration. The vulnerability is limited to local access; no exploitat...
CVE-2013-1655
CVE-2013-1655 affects Puppet with Ruby 1.9.3+ and is triggered via serialized attributes to allow remote code execution. Public sources identify Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1 as vulnerable, with implications of remote code execution by unauthenticated attackers and potential d...
CVE-2013-4761
The CVE-2013-4761 issue affects Puppet and Puppet Enterprise: remote attackers can execute arbitrary Ruby code from the master via the resource_type service, exploiting it only when local file system access to the Puppet Master is possible. Affected lines include Puppet 2.7.x before 2.7.23, 3.2.x...
CVE-2012-3865
The CVE-2012-3865 entry concerns Puppet and Puppet Enterprise: a directory traversal flaw in lib/puppet/reports/store.rb that, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master by supplying a .. in a node name. Affected are Puppe...
CVE-2012-3867
CVE-2012-3867 affects Puppet modules where CSR Common Name validation is lax in Puppet before 2.6.17 and in 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2. This allows user-assisted remote attackers to trick administrators into signing a crafted agent certificate via ANSI control sequenc...
CVE-2012-1906
CVE-2012-1906 affects Puppet 2.6.x (before 2.6.15), 2.7.x (before 2.7.13), and Puppet Enterprise users 1.0–2.5.x before 2.5.1. The root cause is the use of predictable file names when installing Mac OS X packages from a remote source, enabling a local attacker to overwrite arbitrary files or inst...
CVE-2013-4969
CVE-2013-4969 affects Puppet before 3.3.3 and 3.4 before 3.4.1, and Puppet Enterprise before 2.8.4 and 3.1 before 3.1.1, allowing local users to overwrite arbitrary files via a symlink attack. Connected advisories indicate fixes with Puppet packages updated to 2.7.25 (e.g., Mageia MDVSA-2014:040 ...
CVE-2011-3869
CVE-2011-3869 affects Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x. A local user can overwrite arbitrary files via a symlink attack on the .k5login file. Impact: local privilege or file tampering risk. Remediation: upgrade to 2.7.5+ (or 2.6.11+), or newer 0.25.x line as indicated in...
CVE-2012-1989
CVE-2012-1989 affects Puppet: telnet.rb in Puppet 2.7.x (before 2.7.13) and Puppet Enterprise 1.2.x, 2.0.x, and 2.5.x (before 2.5.1) allows a local user to perform a symlink attack on the NET::Telnet connection log (/tmp/out.log) and overwrite arbitrary files. Root cause: improper handling of tem...
CVE-2013-4956
CVE-2013-4761 and CVE-2013-4956 affect Puppet and Puppet Enterprise. The resource_type service flaw could allow a local attacker to cause the Puppet Master to load arbitrary Ruby code from the master filesystem, given access to the Puppet Master. Puppet Module Tool (PMT) can install modules with ...
CVE-2012-1986
Puppet CVE-2012-1986 affects Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, plus Puppet Enterprise (PE) 1.0–2.5.x before 2.5.1. Remote authenticated users with an authorized SSL key and certain puppet-master permissions can read arbitrary files via a symlink attack when making a crafted REST...
CVE-2013-1652
CVE-2013-1652 affects Puppet: remote authenticated users with a valid certificate and key can read arbitrary catalogs or poison the Puppet master’s cache via unspecified vectors. Affected versions include Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, plus Puppet Enterprise be...
CVE-2013-1654
CVE-2013-1654 affects Puppet 2.7.x prior to 2.7.21, Puppet 3.1.x prior to 3.1.1, and Puppet Enterprise 2.7.x prior to 2.7.2. The issue arises from how SSL protocol negotiation occurs between client and master, enabling remote attackers to perform SSLv2 downgrade attacks against SSLv3 sessions via...
CVE-2013-1653
CVE-2013-1653 affects Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1 (and Puppet Enterprise before 1.2.7 / 2.7.x before 2.7.2) when the service is listening for incoming connections and the run REST endpoint is accessible. It allows remote authenticated users to execute arbitra...
CVE-2013-2275
CVE-2013-2275 affects Puppet components where the default /etc/puppet/auth.conf allowed an authenticated node to submit a report for another node. Affected: Puppet masters 0.25.0+ and Puppet versions 2.x (before 2.6.18 for 2.6 line, before 2.7.21 for 2.7 line), 3.1.x before 3.1.1, and Puppet Ente...
CVE-2012-1053
CVE-2012-1053 affects Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, plus Puppet Enterprise (PE) Users 1.0–2.0.x before 2.0.3. The vulnerability lies in the SUIDManager’s change_user method, which fails to drop supplementary groups in certain cases, allows eguid/egid mismatches, and can add ...
CVE-2012-3864
CVE-2012-3864 affects Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2. The flaw allows remote authenticated users to read arbitrary files on the puppet master by exploiting an authenticated user’s certificate and private key in a GET request...
CVE-2011-3870
CVE-2011-3870 affects Puppet 2.7.x < 2.7.5, 2.6.x
CVE-2011-3872
CVE-2011-3872 affects Puppet 2.6.x < 2.6.12, 2.7.x < 2.7.6, and Puppet Enterprise 1.0–1.2
CVE-2012-3408
CVE-2012-3408 affects Puppet: the file lib/puppet/network/authstore.rb in Puppet before 2.7.18 and Puppet Enterprise before 2.5.2 allows use of IP addresses in certnames without warning, which might let remote attackers spoof an agent by reusing a previously seen IP address. The available connect...
CVE-2012-1054
CVE-2012-1054 affects Puppet 2.6.x (before 2.6.14), Puppet 2.7.x (before 2.7.11), and Puppet Enterprise (PE) Users 1.0–2.0.x (before 2.0.3). The vulnerability is triggered when managing a user login file via the k5login resource, enabling local privilege escalation through a symlink attack on .k5...
CVE-2011-3871
CVE-2011-3871 is described in the connected advisory as a vulnerability in Puppet where, in --edit mode, certain Puppet versions (2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x) use a predictable file name. This allows local users to run arbitrary Puppet code or trick a user into editing arb...
CVE-2011-3848
CVE-2011-3848: A directory traversal in Puppet allows writing X.509 certificate signing requests to arbitrary locations. Affected: Puppet 2.6.x before 2.6.10 and 2.7.x before 2.7.4. Exploitation methods in the connected docs include (1) a double-encoded key parameter in the URI (2.7.x) and (2) th...
CVE-2013-2274
Puppet vulnerability CVE-2013-2274 affects Puppet 2.6.x (pre-2.6.18) and Puppet Enterprise 1.2.x (pre-1.2.7). An authenticated attacker could send a crafted report to the puppet master (or an agent with puppet kick enabled) to achieve remote arbitrary code execution. Remediation per RHSA-2013:071...
CVE-2012-5158
Puppet Enterprise 2.x prior to 2.6.1 is affected by a session-handling weakness: when the session secret changes, sessions are not properly invalidated, allowing an authenticated remote user to retain access via unspecified vectors. Affected component is the PE 2.x session management; root cause ...
CVE-2013-1398
CVE-2013-1398 concerns the pe_mcollective module in Puppet Enterprise (PE) prior to version 2.7.1. The issue is that access to a catalog of private SSL keys is not properly restricted, allowing remote authenticated users to obtain sensitive information and potentially gain privileges by leveragin...
CVE-2013-1399
CVE-2013-1399 affects Puppet Enterprise before 2.7.1, with CSRF vulnerabilities in the console’s node request management, live management, and user administration components. The flaws may allow remote attackers to hijack authentication of unspecified victims via unknown vectors. The NVD describe...
CVE-2013-2716
CVE-2013-2716 affects Puppet Enterprise before 2.8.0. The issue is that the CAS client config (cas_client_config.yml) does not use a randomized secret when upgrading from older 1.2.x or 2.0.x versions, enabling a remote attacker to create a crafted cookie that authenticates to the console. Outcom...