CVSS: 7.1EPSS: 0%CPEs: 23EXPL: 0CVE-2011-3869
https://notcve.org/view.php?id=CVE-2011-3869
27 Oct 2011 — Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file. Puppet v2.7.x anterior a v2.7.5, v2.6.x anterior a v2.6.11, y v0.25.x permite a usuarios locales sobreescribir ficheros arbitrarios mediante un enlace simbólico sobre el fichero .k5login. • http://groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.3EPSS: 0%CPEs: 14EXPL: 0CVE-2011-3848
https://notcve.org/view.php?id=CVE-2011-3848
27 Oct 2011 — Directory traversal vulnerability in Puppet 2.6.x before 2.6.10 and 2.7.x before 2.7.4 allows remote attackers to write X.509 Certificate Signing Request (CSR) to arbitrary locations via (1) a double-encoded key parameter in the URI in 2.7.x, (2) the CN in the Subject of a CSR in 2.6 and 0.25. Vulnerabilidad de salto de directorio en Puppet v2.6.x antes de v2.6.10 y v2.7.x antes de v2.7.4, permite a atacantes remotos escribir Certificate Signing Request (CSR) X.509 en ubicaciones de su elección a través de ... • http://lists.opensuse.org/opensuse-updates/2011-10/msg00033.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.1EPSS: 0%CPEs: 23EXPL: 0CVE-2011-3870
https://notcve.org/view.php?id=CVE-2011-3870
27 Oct 2011 — Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorized_keys file. Puppet v2.7.x antes de v2.7.5, v2.6.x antes de v2.6.11, y v0.25.x, permite a usuarios locales modificar los permisos de archivos de su elección a través de un ataque symlink al archivo authorized_keys de SSH • http://groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.4EPSS: 0%CPEs: 23EXPL: 0CVE-2011-3871
https://notcve.org/view.php?id=CVE-2011-3871
27 Oct 2011 — Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when running in --edit mode, uses a predictable file name, which allows local users to run arbitrary Puppet code or trick a user into editing arbitrary files. Puppet v2.7.x anterior a v2.7.5, v2.6.x anterior a v2.6.11, y v0.25.x, cuando se ejecuta el modo --edit, usa un nombre de fichero predecible, permitiendo a usuarios locales ejecutar código Puppet arbitrario o engañando a un usuario a editar ficheros arbitarios • http://groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 3.7EPSS: 0%CPEs: 24EXPL: 1CVE-2011-3872
https://notcve.org/view.php?id=CVE-2011-3872
27 Oct 2011 — Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka "AltNames Vulnerability." Puppet v2.6.x antes de v2.6.12 y v2.7.x antes de v2.7.6, y Puppe... • https://github.com/puppetlabs-toy-chest/puppetlabs-cve20113872 • CWE-20: Improper Input Validation •