logo
DATABASE RESOURCES PRICING ABOUT US

Puppet vulnerability

Description

Kristian Erik Hermansen discovered a directory traversal vulnerability in the SSLFile indirection base class. A remote attacker could exploit this to overwrite files with the privileges of the Puppet Master.


Affected Package


OS OS Version Package Name Package Version
Ubuntu 11.04 puppet-common 2.6.4-2ubuntu2.2
Ubuntu 10.10 puppet-common 2.6.1-0ubuntu2.1
Ubuntu 10.04 puppet-common 0.25.4-2ubuntu6.2

Related