CVSS: 5.3EPSS: 0%CPEs: 14EXPL: 0CVE-2011-3848
https://notcve.org/view.php?id=CVE-2011-3848
27 Oct 2011 — Directory traversal vulnerability in Puppet 2.6.x before 2.6.10 and 2.7.x before 2.7.4 allows remote attackers to write X.509 Certificate Signing Request (CSR) to arbitrary locations via (1) a double-encoded key parameter in the URI in 2.7.x, (2) the CN in the Subject of a CSR in 2.6 and 0.25. Vulnerabilidad de salto de directorio en Puppet v2.6.x antes de v2.6.10 y v2.7.x antes de v2.7.4, permite a atacantes remotos escribir Certificate Signing Request (CSR) X.509 en ubicaciones de su elección a través de ... • http://lists.opensuse.org/opensuse-updates/2011-10/msg00033.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 3.7EPSS: 2%CPEs: 24EXPL: 1CVE-2011-3872
https://notcve.org/view.php?id=CVE-2011-3872
27 Oct 2011 — Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka "AltNames Vulnerability." Puppet v2.6.x antes de v2.6.12 y v2.7.x antes de v2.7.6, y Puppe... • https://github.com/puppetlabs-toy-chest/puppetlabs-cve20113872 • CWE-20: Improper Input Validation •