Page 10 of 56 results (0.017 seconds)

CVSS: 2.1EPSS: 0%CPEs: 17EXPL: 1

lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for last_run_report.yaml, which allows local users to obtain sensitive configuration information by leveraging access to the puppet master server to read this file. lib/puppet/defaults.rb en Puppet 2.7.x anterior a 2.7.18, y Puppet Enterprise anterior a 2.5.2, emplea permisos del tipo 0644 para last_run_report.yaml, lo que permite a usuarios locales obtener información sensible de la configuración aprovechando el acceso al servidor maestro de Puppet para leer el archivo. • http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html http://puppetlabs.com/security/cve/cve-2012-3866 http://secunia.com/advisories/50014 http://www.debian.org/security/2012/dsa-2511 http://www.ubuntu.com/usn/USN-1506-1 https://bugzilla.redhat.com/show_bug.cgi?id=839135 https://github.com/puppetlabs/puppet/commit/fd44bf5e6d0d360f6a493d663b653c121fa83c3f • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 3.5EPSS: 0%CPEs: 34EXPL: 2

Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. (dot dot) in a node name. Vulnerabilidad de directorio transversal en lib/puppet/reports/store.rb en Puppet anterior a v2.6.17 y v2.7.x anterior a v2.7.18, y Puppet Enterprise anterior a v2.5.2, cuando Eliminar está habilitado en auth.conf, permite a usuarios remotos autenticados borrar archivos arbitrarios en el servidor maestro de las marionetas a través de un .. (punto punto) en un nombre de nodo. • http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html http://puppetlabs.com/security/cve/cve-2012-3865 http://secunia.com/advisories/50014 http://www.debian.org/security/2012/dsa-2511 http://www.ubuntu.com/usn/USN-1506-1 https://bugzilla.redhat.com/show_bug.cgi?id=839131 https://github.com/puppetlabs/puppet/commit/554eefc55f57ed2b76e5ee04d8f194d36f6ee67f https://github.com/puppetlabs/puppet/commit/d80478208d • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 4.0EPSS: 0%CPEs: 35EXPL: 2

Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user's certificate and private key in a GET request. Puppet anterior a v2.6.17 y v2.7.x anterior a v2.7.18 y Puppet Enterprise anterior a v2.5.2, permite a usuarios remotos autenticados a leer ficheros de su elección en el servidor maestro de Puppet aprovechando un certificado de usuario y una clave privada en una petición GET. • http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html http://puppetlabs.com/security/cve/cve-2012-3864 http://secunia.com/advisories/50014 http://www.debian.org/security/2012/dsa-2511 http://www.ubuntu.com/usn/USN-1506-1 https://bugzilla.redhat.com/show_bug.cgi?id=839130 https://github.com/puppetlabs/puppet/commit/10f6cb8969b4d5a933b333ecb01ce3696b1d57d4 https://github.com/puppetlabs/puppet/commit/c3c7462e40 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 3.6EPSS: 0%CPEs: 20EXPL: 0

telnet.rb in Puppet 2.7.x before 2.7.13 and Puppet Enterprise (PE) 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows local users to overwrite arbitrary files via a symlink attack on the NET::Telnet connection log (/tmp/out.log). telnet.rb en Puppet v2.7.x antes de v2.7.13 y Puppet Enterprise (PE) v1.2.x, v2.0.x, y v2.5.x antes de v2.5.1, permite a usuarios locales sobreescribir archivos de su elección a través de ataques de enlace simbólico en el registro de conexión NET::Telnet (/tmp/out.log). • http://lists.opensuse.org/opensuse-updates/2012-05/msg00012.html http://projects.puppetlabs.com/issues/13606 http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.7.13 http://puppetlabs.com/security/cve/cve-2012-1989 http://secunia.com/advisories/48743 http://secunia.com/advisories/48748 http://secunia.com/advisories/49136 http://ubuntu.com/usn/usn-1419-1 http://www.securityfocus.com/bid/52975 https://exchange.xforce.ibmcloud.com/vulnerabilities/74797 https://herme • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.0EPSS: 0%CPEs: 13EXPL: 0

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys and file-creation permissions on the puppet master to execute arbitrary commands by creating a file whose full pathname contains shell metacharacters, then performing a filebucket request. Puppet v2.6.x anterior a v2.6.15 y v2.7.x anterior a v2.7.13, y Puppet Enterprise (PE) Users v1.0, v1.1, v1.2.x, v2.0.x, y v2.5.x anterior a v2.5.1 permite a usuarios remotos autenticados con el agente de claves SSL y permisos de creación de archivos en el puppet maestro ejecutar comandos arbitrarios mediante la creación de un archivo cuyo nombre de ruta completo contiene metacaracteres de shell, para realizar una solicitud "filebucket". telnet.rb en v2.7.x anterior a v2.7.13 y Puppet Enterprise (PE) v1.2.x, v2.0.x y v2.5.x anterior a v2.5.1 permite a usuarios locales sobreescribir ficheros arbitrarios mediante un ataque de enlace simbólico en el log de registro NET::Telnet (/tmp/out.log). • http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079227.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079289.html http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080003.html http://projects.puppetlabs.com/issues/13518 http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15 http://puppetlabs.com/security/cve/cve-2012-1988 http://secunia.com/advisories/48743 http://secunia.com/advisories/48748 http://secunia.com/adv • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •