Vulnerabilities > CVE-2012-1987 - Multiple Security vulnerability in Puppet
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
SINGLE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys to (1) cause a denial of service (memory consumption) via a REST request to a stream that triggers a thread block, as demonstrated using CVE-2012-1986 and /dev/random; or (2) cause a denial of service (filesystem consumption) via crafted REST requests that use "a marshaled form of a Puppet::FileBucket::File object" to write to arbitrary file locations.
Vulnerable Configurations
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2012-6674.NASL description With Fedora 17 using ruby-1.9.3, an update to puppet-2.7, which has improved support for ruby-1.9, is required. Note that ruby-1.9 is not fully supported in the puppet-2.7 series. Where possible, patches from the next upstream release branch will be backported to improve ruby-1.9 compatibility. Also note that there will likely be issues when connecting to a puppet-2.6 master. This is unavoidable for the moment. Normally all Fedora and EPEL branches are kept in sync to avoid this problem. At this time, a decision to move all branches to 2.7 has not been made. This update obsoletes puppet-2.6.16, which fixed several security issues recently found in puppet related to filebucket functionality. For full details, refer to the upstream release notes : http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.7.13 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-05-07 plugin id 59000 published 2012-05-07 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/59000 title Fedora 17 : puppet-2.7.13-1.fc17 (2012-6674) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2012-6674. # include("compat.inc"); if (description) { script_id(59000); script_version("1.11"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2012-1986", "CVE-2012-1987", "CVE-2012-1988"); script_bugtraq_id(52975); script_xref(name:"FEDORA", value:"2012-6674"); script_name(english:"Fedora 17 : puppet-2.7.13-1.fc17 (2012-6674)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "With Fedora 17 using ruby-1.9.3, an update to puppet-2.7, which has improved support for ruby-1.9, is required. Note that ruby-1.9 is not fully supported in the puppet-2.7 series. Where possible, patches from the next upstream release branch will be backported to improve ruby-1.9 compatibility. Also note that there will likely be issues when connecting to a puppet-2.6 master. This is unavoidable for the moment. Normally all Fedora and EPEL branches are kept in sync to avoid this problem. At this time, a decision to move all branches to 2.7 has not been made. This update obsoletes puppet-2.6.16, which fixed several security issues recently found in puppet related to filebucket functionality. For full details, refer to the upstream release notes : http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.7.13 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); # http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.7.13 script_set_attribute( attribute:"see_also", value:"https://puppet.com/docs/puppet/6.0/release_notes_puppet.html#2.7.13" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=810069" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=810070" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=810071" ); # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/080003.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?28868bfb" ); script_set_attribute( attribute:"solution", value:"Update the affected puppet package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:puppet"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:17"); script_set_attribute(attribute:"patch_publication_date", value:"2012/04/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/05/07"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^17([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 17.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC17", reference:"puppet-2.7.13-1.fc17")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "puppet"); }NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_607D2108A0E4423ABF78846F2A8F01B0.NASL description Multiple vulnerabilities exist in puppet that can result in arbitrary code execution, arbitrary file read access, denial of service, and arbitrary file write access. Please review the details in each of the CVEs for additional information. last seen 2020-06-01 modified 2020-06-02 plugin id 58670 published 2012-04-11 reporter This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58670 title FreeBSD : puppet -- Multiple Vulnerabilities (607d2108-a0e4-423a-bf78-846f2a8f01b0) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from the FreeBSD VuXML database : # # Copyright 2003-2018 Jacques Vidrine and contributors # # Redistribution and use in source (VuXML) and 'compiled' forms (SGML, # HTML, PDF, PostScript, RTF and so forth) with or without modification, # are permitted provided that the following conditions are met: # 1. Redistributions of source code (VuXML) must retain the above # copyright notice, this list of conditions and the following # disclaimer as the first lines of this file unmodified. # 2. Redistributions in compiled form (transformed to other DTDs, # published online in any format, converted to PDF, PostScript, # RTF and other formats) must reproduce the above copyright # notice, this list of conditions and the following disclaimer # in the documentation and/or other materials provided with the # distribution. # # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # include("compat.inc"); if (description) { script_id(58670); script_version("1.9"); script_cvs_date("Date: 2018/12/19 13:21:18"); script_cve_id("CVE-2012-1906", "CVE-2012-1986", "CVE-2012-1987", "CVE-2012-1988", "CVE-2012-1989"); script_name(english:"FreeBSD : puppet -- Multiple Vulnerabilities (607d2108-a0e4-423a-bf78-846f2a8f01b0)"); script_summary(english:"Checks for updated package in pkg_info output"); script_set_attribute( attribute:"synopsis", value:"The remote FreeBSD host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Multiple vulnerabilities exist in puppet that can result in arbitrary code execution, arbitrary file read access, denial of service, and arbitrary file write access. Please review the details in each of the CVEs for additional information." ); # http://puppetlabs.com/security/cve/cve-2012-1906/ script_set_attribute( attribute:"see_also", value:"https://puppet.com/security/cve/cve-2012-1906" ); # http://puppetlabs.com/security/cve/cve-2012-1986/ script_set_attribute( attribute:"see_also", value:"https://puppet.com/security/cve/cve-2012-1986" ); # http://puppetlabs.com/security/cve/cve-2012-1987/ script_set_attribute( attribute:"see_also", value:"https://puppet.com/security/cve/cve-2012-1987" ); # http://puppetlabs.com/security/cve/cve-2012-1988/ script_set_attribute( attribute:"see_also", value:"https://puppet.com/security/cve/cve-2012-1988" ); # http://puppetlabs.com/security/cve/cve-2012-1989/ script_set_attribute( attribute:"see_also", value:"https://puppet.com/security/cve/cve-2012-1989" ); # https://vuxml.freebsd.org/freebsd/607d2108-a0e4-423a-bf78-846f2a8f01b0.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?77b95470" ); script_set_attribute(attribute:"solution", value:"Update the affected package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:puppet"); script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/03/26"); script_set_attribute(attribute:"patch_publication_date", value:"2012/04/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/04/11"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"FreeBSD Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info"); exit(0); } include("audit.inc"); include("freebsd_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD"); if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (pkg_test(save_report:TRUE, pkg:"puppet>2.7.*<2.7.12_1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201208-02.NASL description The remote host is affected by the vulnerability described in GLSA-201208-02 (Puppet: Multiple vulnerabilities) Multiple vulnerabilities have been found in Puppet: Puppet uses predictable file names for temporary files (CVE-2012-1906). REST requests for a file in a remote filebucket are not handled properly by overriding filebucket storage locations (CVE-2012-1986). REST requests for a file in a remote filebucket are not handled properly by reading streams or writing files on the Puppet master last seen 2020-06-01 modified 2020-06-02 plugin id 61541 published 2012-08-15 reporter This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/61541 title GLSA-201208-02 : Puppet: Multiple vulnerabilities code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201208-02. # # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(61541); script_version("1.7"); script_cvs_date("Date: 2018/07/11 17:09:26"); script_cve_id("CVE-2012-1906", "CVE-2012-1986", "CVE-2012-1987", "CVE-2012-1988", "CVE-2012-1989"); script_bugtraq_id(52975); script_xref(name:"GLSA", value:"201208-02"); script_name(english:"GLSA-201208-02 : Puppet: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201208-02 (Puppet: Multiple vulnerabilities) Multiple vulnerabilities have been found in Puppet: Puppet uses predictable file names for temporary files (CVE-2012-1906). REST requests for a file in a remote filebucket are not handled properly by overriding filebucket storage locations (CVE-2012-1986). REST requests for a file in a remote filebucket are not handled properly by reading streams or writing files on the Puppet master's file system (CVE-2012-1987). File name paths are not properly sanitized from bucket requests (CVE-2012-1988). The Telnet utility in Puppet does not handle temporary files securely (CVE-2012-1989). Impact : A local attacker with access to agent SSL keys could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or perform symlink attacks to overwrite or read arbitrary files on the Puppet master. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201208-02" ); script_set_attribute( attribute:"solution", value: "All Puppet users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-admin/puppet-2.7.13'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:puppet"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2012/08/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/15"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"app-admin/puppet", unaffected:make_list("ge 2.7.13"), vulnerable:make_list("lt 2.7.13"))) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get()); else security_warning(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Puppet"); }NASL family Fedora Local Security Checks NASL id FEDORA_2012-6055.NASL description This update fixes several security issues recently found in puppet related to filebucket functionality. For full details, refer to the upstream release notes : http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-04-30 plugin id 58911 published 2012-04-30 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58911 title Fedora 15 : puppet-2.6.16-1.fc15 (2012-6055) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1419-1.NASL description It was discovered that Puppet used a predictable filename when downloading Mac OS X package files. A local attacker could exploit this to overwrite arbitrary files. (CVE-2012-1906) It was discovered that Puppet incorrectly handled filebucket retrieval requests. A local attacker could exploit this to read arbitrary files. (CVE-2012-1986) It was discovered that Puppet incorrectly handled filebucket store requests. A local attacker could exploit this to perform a denial of service via resource exhaustion. (CVE-2012-1987) It was discovered that Puppet incorrectly handled filebucket requests. A local attacker could exploit this to execute arbitrary code via a crafted file path. (CVE-2012-1988) It was discovered that Puppet used a predictable filename for the Telnet connection log file. A local attacker could exploit this to overwrite arbitrary files. This issue only affected Ubuntu 11.10. (CVE-2012-1989). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 58680 published 2012-04-11 reporter Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58680 title Ubuntu 10.04 LTS / 11.04 / 11.10 : puppet vulnerabilities (USN-1419-1) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2453.NASL description Several vulnerabilities have been discovered in Gajim, a feature-rich Jabber client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2012-1987 Gajim is not properly sanitizing input before passing it to shell commands. An attacker can use this flaw to execute arbitrary code on behalf of the victim if the user e.g. clicks on a specially crafted URL in an instant message. - CVE-2012-2093 Gajim is using predictable temporary files in an insecure manner when converting instant messages containing LaTeX to images. A local attacker can use this flaw to conduct symlink attacks and overwrite files the victim has write access to. - CVE-2012-2086 Gajim is not properly sanitizing input when logging conversations which results in the possibility to conduct SQL injection attacks. last seen 2020-03-17 modified 2012-04-17 plugin id 58766 published 2012-04-17 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58766 title Debian DSA-2453-1 : gajim - several vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2012-5999.NASL description This update fixes several security issues recently found in puppet related to filebucket functionality. For full details, refer to the upstream release notes : http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2012-04-30 plugin id 58909 published 2012-04-30 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58909 title Fedora 16 : puppet-2.6.16-1.fc16 (2012-5999) NASL family SuSE Local Security Checks NASL id OPENSUSE-2012-269.NASL description puppet was prone to several security issues last seen 2020-06-05 modified 2014-06-13 plugin id 74620 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74620 title openSUSE Security Update : puppet (openSUSE-SU-2012:0608-1) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2451.NASL description Several vulnerabilities have been discovered in Puppet, a centralized configuration management system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2012-1906 Puppet is using predictable temporary file names when downloading Mac OS X package files. This allows a local attacker to either overwrite arbitrary files on the system or to install an arbitrary package. - CVE-2012-1986 When handling requests for a file from a remote filebucket, Puppet can be tricked into overwriting its defined location for filebucket storage. This allows an authorized attacker with access to the Puppet master to read arbitrary files. - CVE-2012-1987 Puppet is incorrectly handling filebucket store requests. This allows an attacker to perform denial of service attacks against Puppet by resource exhaustion. - CVE-2012-1988 Puppet is incorrectly handling filebucket requests. This allows an attacker with access to the certificate on the agent and an unprivileged account on Puppet master to execute arbitrary code via crafted file path names and making a filebucket request. last seen 2020-03-17 modified 2012-04-16 plugin id 58753 published 2012-04-16 reporter This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/58753 title Debian DSA-2451-1 : puppet - several vulnerabilities NASL family SuSE Local Security Checks NASL id OPENSUSE-2012-369.NASL description - Fixed bnc#747657: CVE-2012-1053, CVE-2012-1054: improper privilege dropping and file handling flaws This was done by updating to the new version in stable branch. The stable branch receives only security fixes and this update does not provide any new features. - Fixed bnc#755869 CVE-2012-1988: Filebucket arbitrary code execution - Fixed bnc#755872 CVE-2012-1986: Arbitrary File Read - Fixed bnc#755870 CVE-2012-1987: Denial of Service - Fixed bnc#755871 CVE-2012-1989: Arbitrary File Write last seen 2020-06-05 modified 2014-06-13 plugin id 74671 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74671 title openSUSE Security Update : puppet (openSUSE-SU-2012:0835-1) NASL family SuSE Local Security Checks NASL id SUSE_11_PUPPET-120411.NASL description This update fixes the following issues : - Filebucket arbitrary file read. (CVE-2011-1986) - Filebucket DoS. (CVE-2012-1987) - Filebucket arbitrary code execution. (CVE-2012-1988) - insecure handling of temporary files. (CVE-2012-1989) last seen 2020-06-05 modified 2013-01-25 plugin id 64217 published 2013-01-25 reporter This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/64217 title SuSE 11.1 Security Update : puppet (SAT Patch Number 6115)
Redhat
| rpms |
|
References
- http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079227.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079289.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080003.html
- http://projects.puppetlabs.com/issues/13552
- http://projects.puppetlabs.com/issues/13553
- http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15
- http://puppetlabs.com/security/cve/cve-2012-1987/
- http://puppetlabs.com/security/cve/cve-2012-1987/hotfixes/
- http://secunia.com/advisories/48743
- http://secunia.com/advisories/48748
- http://secunia.com/advisories/48789
- http://secunia.com/advisories/49136
- http://ubuntu.com/usn/usn-1419-1
- http://www.debian.org/security/2012/dsa-2451
- http://www.osvdb.org/81308
- http://www.securityfocus.com/bid/52975
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74794
- https://hermes.opensuse.org/messages/14523305
- https://hermes.opensuse.org/messages/15087408