Puppet@2.7.1 Security Vulnerabilities and Issues — Puppet@2.7.1 CVE List

Lucene search

PuppetlabsPuppet2.7.1

23 matches found

CVE•added 2013/08/19 11:55 p.m.•117 views

CVE-2013-3567

Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call.

7.5CVSS7.3AI score0.11139EPSS

CVE•added 2012/08/06 4:55 p.m.•99 views

CVE-2012-3866

lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for last_run_report.yaml, which allows local users to obtain sensitive configuration information by leveraging access to the puppet master server to read this file.

2.1CVSS5.5AI score0.0005EPSS

CVE•added 2013/03/20 4:55 p.m.•96 views

CVE-2013-1655

Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, when running Ruby 1.9.3 or later, allows remote attackers to execute arbitrary code via vectors related to "serialized attributes."

7.5CVSS8.1AI score0.00807EPSS

CVE•added 2012/08/06 4:55 p.m.•88 views

CVE-2012-3865

Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. (dot dot) in a ...

3.5CVSS6AI score0.0215EPSS

CVE•added 2012/08/06 4:55 p.m.•87 views

CVE-2012-3867

lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request (CSR), which makes it easier for user-assisted remote attackers to trick a...

4.3CVSS6.3AI score0.01418EPSS

CVE•added 2012/05/29 8:55 p.m.•86 views

CVE-2012-1906

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 uses predictable file names when installing Mac OS X packages from a remote source, which allows local users to overwrite arbitrary files or install arbitrary packages...

3.3CVSS6.2AI score0.00063EPSS

CVE•added 2013/08/20 10:55 p.m.•85 views

CVE-2013-4761

Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from the master via the resource_type service. NOTE: this vulnerability can only be exploited u...

5.1CVSS7.1AI score0.0062EPSS

CVE•added 2012/06/27 6:55 p.m.•81 views

CVE-2012-1989

telnet.rb in Puppet 2.7.x before 2.7.13 and Puppet Enterprise (PE) 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows local users to overwrite arbitrary files via a symlink attack on the NET::Telnet connection log (/tmp/out.log).

3.6CVSS6.1AI score0.00094EPSS

CVE•added 2012/05/29 8:55 p.m.•79 views

CVE-2012-1986

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with an authorized SSL key and certain permissions on the puppet master to read arbitrary files via a symlink attack in conjunction w...

2.1CVSS6AI score0.00374EPSS

CVE•added 2012/05/29 8:55 p.m.•76 views

CVE-2012-1987

Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys to (1) cause a denial of service (memory consumption) via a REST request to a stream...

3.5CVSS6.2AI score0.00735EPSS

CVE•added 2011/10/27 8:55 p.m.•75 views

CVE-2011-3869

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file.

6.3CVSS6AI score0.00042EPSS

CVE•added 2013/03/20 4:55 p.m.•72 views

CVE-2013-1654

Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to conduct SSLv2 downgrade attacks against SSLv3 sessions via unspecified vectors.

5CVSS6.4AI score0.00455EPSS

CVE•added 2013/08/20 10:55 p.m.•72 views

CVE-2013-4956

Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, installs modules with weak permissions if those permissions were used when the modules were originally built, which might allow local users to rea...

3.6CVSS6AI score0.00108EPSS

CVE•added 2012/05/29 8:55 p.m.•71 views

CVE-2012-1053

The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors r...

6.9CVSS6.1AI score0.00044EPSS

CVE•added 2011/10/27 8:55 p.m.•70 views

CVE-2011-3870

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorized_keys file.

6.3CVSS5.9AI score0.00033EPSS

CVE•added 2013/03/20 4:55 p.m.•70 views

CVE-2013-2275

The default configuration for puppet masters 0.25.0 and later in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, allows remote authenticated nodes to submit reports for other nodes via unspecified vectors.

4CVSS6.1AI score0.00378EPSS

CVE•added 2011/10/27 8:55 p.m.•69 views

CVE-2011-3871

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when running in --edit mode, uses a predictable file name, which allows local users to run arbitrary Puppet code or trick a user into editing arbitrary files.

6.2CVSS6.2AI score0.00042EPSS

CVE•added 2012/05/29 8:55 p.m.•67 views

CVE-2012-1054

Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3, when managing a user login file with the k5login resource type, allows local users to gain privileges via a symlink attack on .k5login.

4.4CVSS6.1AI score0.00071EPSS

CVE•added 2013/03/20 4:55 p.m.•67 views

CVE-2013-1652

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users with a valid certificate and private key to read arbitrary catalogs or poison the master's cache via unspecified vectors.

4.9CVSS6.1AI score0.00245EPSS

CVE•added 2013/03/20 4:55 p.m.•66 views

CVE-2013-1653

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to the "run" REST endpoint is allowed, allows remote authenticated users to execute arbitrary code via...

7.1CVSS7.2AI score0.01548EPSS

CVE•added 2011/10/27 8:55 p.m.•65 views

CVE-2011-3848

Directory traversal vulnerability in Puppet 2.6.x before 2.6.10 and 2.7.x before 2.7.4 allows remote attackers to write X.509 Certificate Signing Request (CSR) to arbitrary locations via (1) a double-encoded key parameter in the URI in 2.7.x, (2) the CN in the Subject of a CSR in 2.6 and 0.25.

5CVSS6.6AI score0.00433EPSS

CVE•added 2011/10/27 8:55 p.m.•63 views

CVE-2011-3872

Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof ...

2.6CVSS6.2AI score0.02778EPSS

CVE•added 2012/08/06 4:55 p.m.•61 views

CVE-2012-3864

Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user's certificate and private key in a GET request.

4CVSS6AI score0.00314EPSS