CVE-2021-27023 – puppet: unsafe HTTP redirect
https://notcve.org/view.php?id=CVE-2021-27023
A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007 Se ha detectado un fallo en Puppet Agent y Puppet Server que puede resultar en un filtrado de credenciales HTTP cuando se siguen redirecciones HTTP a un host diferente. Esto es similar a CVE-2018-1000007 An exposure flaw was found in Puppet Agent and Puppet Server where HTTP credentials were leaked. When the HTTP redirects occurred, the authentication and cookie header was added when following redirects to a different host. This flaw allows an unauthorized network attacker to access sensitive information. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7 https://puppet.com/security/cve/CVE-2021-27023 https://access.redhat.com/security/cve/CVE-2021-27023 https://bugzilla.redhat.com/show_bug.cgi?id=2023859 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2021-27025 – puppet: silent configuration failure in agent
https://notcve.org/view.php?id=CVE-2021-27025
A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'. Se ha detectado un fallo en Puppet Agent donde el agente puede ignorar silenciosamente la configuración de Augeas o puede ser vulnerable a una condición de denegación de servicio antes del primer "pluginsync". A configuration flaw was found in Puppet Agent where the agent silently ignores Augeas settings. This flaw allows a network attacker to cause a denial of service before the first pluginsync. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7 https://puppet.com/security/cve/cve-2021-27025 https://access.redhat.com/security/cve/CVE-2021-27025 https://bugzilla.redhat.com/show_bug.cgi?id=2023853 • CWE-665: Improper Initialization •
CVE-2015-1855
https://notcve.org/view.php?id=CVE-2015-1855
verify_certificate_identity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to (1) multiple wildcards, (1) wildcards in IDNA names, (3) case sensitivity, and (4) non-ASCII characters. La función Verified_certificate_identity en la extensión OpenSSL en Ruby versiones anteriores a 2.0.0 patchlevel 645, versiones 2.1.x anteriores a 2.1.6 y versiones 2.2.x anteriores 2.2.2, no comprueba apropiadamente los nombres de host, lo que permite a atacantes remotos falsificar servidores por medio de vectores relacionados con (1) múltiples wildcards, (1) wildcards en nombres IDNA, (3) sensibilidad a mayúsculas y minúsculas y (4) caracteres no ASCII. • https://github.com/vpereira/CVE-2015-1855 http://www.debian.org/security/2015/dsa-3245 http://www.debian.org/security/2015/dsa-3246 http://www.debian.org/security/2015/dsa-3247 https://bugs.ruby-lang.org/issues/9644 https://puppetlabs.com/security/cve/cve-2015-1855 https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability • CWE-20: Improper Input Validation •