CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2290
https://notcve.org/view.php?id=CVE-2017-2290
On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non-administrator user can create an executable that will be executed with administrator privileges on the next "mco puppet" run. Puppet Enterprise users are not affected. This is resolved in mcollective-puppet-agent 1.12.1. En instalaciones de Windows del plugin mcollective-puppet-agent, versión 1.12.0, un usuario no administrador puede crear un ejecutable que será ejecutado con privilegios de administrador en la siguiente ejecución "mco puppet". Usuarios de Puppet Enterprise no están afectados. • http://www.securityfocus.com/bid/96583 https://puppet.com/security/cve/cve-2017-2290 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.8EPSS: 0%CPEs: 22EXPL: 0CVE-2016-2785
https://notcve.org/view.php?id=CVE-2016-2785
Puppet Server before 2.3.2 and Ruby puppetmaster in Puppet 4.x before 4.4.2 and in Puppet Agent before 1.4.2 might allow remote attackers to bypass intended auth.conf access restrictions by leveraging incorrect URL decoding. Puppet Server en versiones anteriores a 2.3.2 y Ruby puppetmaster en Puppet 4.x en versiones anteriores a 4.4.2 y en Puppet Agent en versiones anteriores a 1.4.2 podría permitir a atacantes remotos eludir las restricciones destinas al acceso auth.conf aprovechando una decodificación URL incorrecta. • https://github.com/puppetlabs/puppet/pull/4921/commits/8d2ce797db265720f0a20d1d46ee2757b4e4f6b2 https://puppet.com/security/cve/cve-2016-2785 https://security.gentoo.org/glsa/201606-02 • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2016-2786
https://notcve.org/view.php?id=CVE-2016-2786
The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x before 1.3.6 does not properly validate server certificates, which might allow remote attackers to spoof brokers and execute arbitrary commands via a crafted certificate. El componente pxp-agent en Puppet Enterprise 2015.3.x en versiones anteriores a 2015.3.3 y Puppet Agent 1.3.x en versiones anteriores a 1.3.6 no valida adecuadamente certificados de servidor, lo que podría permitir a atacantes remotos espiar brokers y ejecutar comandos arbitrarios a través de un certificado manipulado. • https://puppet.com/security/cve/CVE-2016-2786 https://security.gentoo.org/glsa/201606-02 • CWE-20: Improper Input Validation •
CVSS: 5.9EPSS: 2%CPEs: 19EXPL: 1CVE-2015-1855
https://notcve.org/view.php?id=CVE-2015-1855
verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters. La función Verified_certificate_identity en la extensión OpenSSL en Ruby versiones anteriores a 2.0.0 patchlevel 645, versiones 2.1.x anteriores a 2.1.6 y versiones 2.2.x anteriores 2.2.2, no comprueba apropiadamente los nombres de host, lo que permite a atacantes remotos falsificar servidores por medio de vectores relacionados con (1) múltiples wildcards, (1) wildcards en nombres IDNA, (3) sensibilidad a mayúsculas y minúsculas y (4) caracteres no ASCII. • https://github.com/vpereira/CVE-2015-1855 http://www.debian.org/security/2015/dsa-3245 http://www.debian.org/security/2015/dsa-3246 http://www.debian.org/security/2015/dsa-3247 https://bugs.ruby-lang.org/issues/9644 https://puppetlabs.com/security/cve/cve-2015-1855 https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability • CWE-20: Improper Input Validation •