CVE-2011-3869 - Link Following vulnerability in Puppetlabs Puppet

Publication

2011-10-27

Last modification

2017-12-09

Summary

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file.

Description

Puppet is prone to multiple security vulnerabilites.Local attackers can exploit these issues to gain elevated privileges on affected computers.

Solution

Updates are available. Please see the references for more information.

Exploit

An attacker can use readily available commands to exploit these issues.

Classification

CWE-59 - Link Following

Risk level (CVSS AV:L/AC:M/Au:N/C:N/I:C/A:C)

Medium

6.3

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

Vendor Product Versions
Puppetlabs Puppet  0.25.4 , 2.7.1 , 2.7.0 , 2.6.10 , 2.6.4 , 2.6.9 , 2.6.0 , 2.7.3 , 2.6.2 , 2.6.5 , 0.25.2 , 2.6.1 , 0.25.0 , 2.6.7 , 2.7.2 , 2.6.6 , 0.25.1 , 2.6.8 , 2.7.4 , 0.25.5 , 0.25.6 , 0.25.3 , 2.6.3