Page 2 of 35 results (0.009 seconds)

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0

In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability. En versiones anteriores de Puppet Agent, era posible instalar un módulo con permisos de modificación para cualquier usuario. Puppet Agent 5.3.4 y 1.10.10 incluían una solución para esta vulnerabilidad. • https://access.redhat.com/errata/RHSA-2018:2927 https://puppet.com/security/cve/CVE-2017-10689 https://usn.ubuntu.com/3567-1 https://access.redhat.com/security/cve/CVE-2017-10689 https://bugzilla.redhat.com/show_bug.cgi?id=1542850 • CWE-269: Improper Privilege Management CWE-284: Improper Access Control •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4. El archivo de configuración vhost por defecto en Puppet en versiones anteriores a la 3.6.2 no incluye la directiva SSLCARevocationCheck. Esto podría permitir que atacantes remotos obtengan información sensible mediante un certificado revocado cuando un Puppet master se ejecuta con Apache 2.4. • https://bugzilla.redhat.com/show_bug.cgi?id=1101347 https://puppet.com/security/cve/CVE-2014-3250 • CWE-295: Improper Certificate Validation •

CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0

Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. This could be used to force YAML deserialization in an unsafe manner, which would lead to remote code execution. This change constrains the format of data on the wire to PSON or safely decoded YAML. Las versiones de Puppet anteriores a la 4.10.1 deserializarán datos "off the wire" (del agente al servidor, en este caso) con un formato especificado por el atacante. Esto podría emplearse para forzar la deserialización YAML de forma no segura, lo que conduciría a la ejecución remota de código. • http://www.debian.org/security/2017/dsa-3862 http://www.securityfocus.com/bid/98582 https://puppet.com/security/cve/cve-2017-2295 https://access.redhat.com/security/cve/CVE-2017-2295 https://bugzilla.redhat.com/show_bug.cgi?id=1452651 • CWE-502: Deserialization of Untrusted Data •

CVSS: 6.2EPSS: 0%CPEs: 15EXPL: 1

Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, or (6) safe_yaml/deep.so; or (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, or (10) osfamily.so in puppet/confine. Vulnerabilidad de ruta de búsqueda no confiable en Puppet Enterprise 2.8 anterior a 2.8.7, Puppet anterior a 2.7.26 y 3.x anterior a 3.6.2, Facter 1.6.x y 2.x anterior a 2.0.2, Hiera anterior a 1.3.4, y Mcollective anterior a 2.5.2 o anteriores, permite a usuarios locales ganar privilegios ubicando un troyano en el directorio actual a través de un troyano en un archivo, se demostró usando (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, o (6) safe_yaml/deep.so; o (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, o (10) osfamily.so en puppet/confine. • http://puppetlabs.com/security/cve/cve-2014-3248 http://rowediness.com/2014/06/13/cve-2014-3248-a-little-problem-with-puppet http://secunia.com/advisories/59197 http://secunia.com/advisories/59200 http://www.securityfocus.com/bid/68035 • CWE-17: DEPRECATED: Code •

CVSS: 5.1EPSS: 1%CPEs: 11EXPL: 0

Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from the master via the resource_type service. NOTE: this vulnerability can only be exploited utilizing unspecified "local file system access" to the Puppet Master. Vulnerabilidad sin especificar en Puppet 2.7.x anterior a 2.7.23 y 3.2.x anterior a 3.2.4, y Puppet Enterprise 2.8.x anterior a 2.8.3 y 3.0.x anterior a 3.0.1, permite a atacantes remotos ejecutar programas Ruby arbitrariamente desde el master a través del servicio resource_type. NOTA: esta vulnerabilidad únicamente puede ser explotada utilizando un "acceso local al sistema de ficheros no especificado" al Puppet Master. • http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00009.html http://puppetlabs.com/security/cve/cve-2013-4761 http://rhn.redhat.com/errata/RHSA-2013-1283.html http://rhn.redhat.com/errata/RHSA-2013-1284.html http://www.debian.org/security/2013/dsa-2761 https://access.redhat.com/security/cve/CVE-2013-4761 https://bugzilla.redhat.com/show_bug.cgi?id=996856 •