Page 2 of 12 results (0.007 seconds)

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0

In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability. En versiones anteriores de Puppet Agent, era posible instalar un módulo con permisos de modificación para cualquier usuario. Puppet Agent 5.3.4 y 1.10.10 incluían una solución para esta vulnerabilidad. • https://access.redhat.com/errata/RHSA-2018:2927 https://puppet.com/security/cve/CVE-2017-10689 https://usn.ubuntu.com/3567-1 https://access.redhat.com/security/cve/CVE-2017-10689 https://bugzilla.redhat.com/show_bug.cgi?id=1542850 • CWE-269: Improper Privilege Management CWE-284: Improper Access Control •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4. El archivo de configuración vhost por defecto en Puppet en versiones anteriores a la 3.6.2 no incluye la directiva SSLCARevocationCheck. Esto podría permitir que atacantes remotos obtengan información sensible mediante un certificado revocado cuando un Puppet master se ejecuta con Apache 2.4. • https://bugzilla.redhat.com/show_bug.cgi?id=1101347 https://puppet.com/security/cve/CVE-2014-3250 • CWE-295: Improper Certificate Validation •

CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0

Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. This could be used to force YAML deserialization in an unsafe manner, which would lead to remote code execution. This change constrains the format of data on the wire to PSON or safely decoded YAML. Las versiones de Puppet anteriores a la 4.10.1 deserializarán datos "off the wire" (del agente al servidor, en este caso) con un formato especificado por el atacante. Esto podría emplearse para forzar la deserialización YAML de forma no segura, lo que conduciría a la ejecución remota de código. • http://www.debian.org/security/2017/dsa-3862 http://www.securityfocus.com/bid/98582 https://puppet.com/security/cve/cve-2017-2295 https://access.redhat.com/security/cve/CVE-2017-2295 https://bugzilla.redhat.com/show_bug.cgi?id=1452651 • CWE-502: Deserialization of Untrusted Data •

CVSS: 6.2EPSS: 0%CPEs: 15EXPL: 1

Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, or (6) safe_yaml/deep.so; or (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, or (10) osfamily.so in puppet/confine. Vulnerabilidad de ruta de búsqueda no confiable en Puppet Enterprise 2.8 anterior a 2.8.7, Puppet anterior a 2.7.26 y 3.x anterior a 3.6.2, Facter 1.6.x y 2.x anterior a 2.0.2, Hiera anterior a 1.3.4, y Mcollective anterior a 2.5.2 o anteriores, permite a usuarios locales ganar privilegios ubicando un troyano en el directorio actual a través de un troyano en un archivo, se demostró usando (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, o (6) safe_yaml/deep.so; o (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, o (10) osfamily.so en puppet/confine. • http://puppetlabs.com/security/cve/cve-2014-3248 http://rowediness.com/2014/06/13/cve-2014-3248-a-little-problem-with-puppet http://secunia.com/advisories/59197 http://secunia.com/advisories/59200 http://www.securityfocus.com/bid/68035 • CWE-17: DEPRECATED: Code •

CVSS: 2.1EPSS: 0%CPEs: 11EXPL: 0

Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files. Puppet anteriores a 3.3.3. y 3.4 anteriores a 3.4.1 y Puppet Enterprise (PE) anteriores a 2.8.4 y 3.1 anteriores a 3.1.1 permite a usuarios locales sobreescribir ficheros arbitrarios a través de un ataque de enlaces simbólicos en ficheros no especificados. • http://puppetlabs.com/security/cve/cve-2013-4969 http://secunia.com/advisories/56253 http://secunia.com/advisories/56254 http://www.debian.org/security/2013/dsa-2831 http://www.ubuntu.com/usn/USN-2077-1 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •