Vulnerabilities > CVE-2013-4761 - Remote Code Execution vulnerability in RETIRED: Puppet
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from the master via the resource_type service. NOTE: this vulnerability can only be exploited utilizing unspecified "local file system access" to the Puppet Master.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 8 | |
| Application | 3 |
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2761.NASL description Several vulnerabilities were discovered in puppet, a centralized configuration management system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-4761 The last seen 2020-03-17 modified 2013-09-20 plugin id 70002 published 2013-09-20 reporter This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/70002 title Debian DSA-2761-1 : puppet - several vulnerabilities NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-1928-1.NASL description It was discovered that Puppet incorrectly handled the resource_type service. A local attacker on the master could use this issue to execute arbitrary Ruby files. (CVE-2013-4761) It was discovered that Puppet incorrectly handled permissions on the modules it installed. Modules could be installed with the permissions that existed when they were built, possibly exposing them to a local attacker. (CVE-2013-4956). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 69373 published 2013-08-16 reporter Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69373 title Ubuntu 12.04 LTS / 12.10 / 13.04 : puppet vulnerabilities (USN-1928-1) NASL family Solaris Local Security Checks NASL id SOLARIS11_PUPPET_20140731.NASL description The remote Solaris system is missing necessary patches to address security updates : - Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from the master via the resource_type service. NOTE: this vulnerability can only be exploited utilizing unspecified last seen 2020-06-01 modified 2020-06-02 plugin id 80744 published 2015-01-19 reporter This script is Copyright (C) 2015-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/80744 title Oracle Solaris Third-Party Patch Update : puppet (multiple_vulnerabilities_in_puppet) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_2B2F6092069411E39E8E000C29F6AE42.NASL description Puppet Labs reports : By using the `resource_type` service, an attacker could cause puppet to load arbitrary Ruby files from the puppet master node last seen 2020-06-01 modified 2020-06-02 plugin id 69395 published 2013-08-20 reporter This script is Copyright (C) 2013-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/69395 title FreeBSD : puppet -- multiple vulnerabilities (2b2f6092-0694-11e3-9e8e-000c29f6ae42) NASL family SuSE Local Security Checks NASL id SUSE_11_PUPPET-140318.NASL description The deployment framework puppet received an update for a security issue in January. The backport of this security issue was however incomplete and broke existing setups. As the scope of the problem is limited to local scenarios where an attacker likely has access already, and backporting is not trivial, this update reverts the fix for now. We are evaluating the possibility of an update to puppet 2.7 in the future. last seen 2020-06-05 modified 2014-04-11 plugin id 73468 published 2014-04-11 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/73468 title SuSE 11.3 Security Update : puppet (SAT Patch Number 9033) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2013-219.NASL description Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from the master via the resource_type service. NOTE: this vulnerability can only be exploited utilizing unspecified last seen 2020-06-01 modified 2020-06-02 plugin id 70223 published 2013-10-01 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/70223 title Amazon Linux AMI : puppet (ALAS-2013-219) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2013-222.NASL description Updated puppet and puppet3 package fix security vulnerabilities : It was discovered that Puppet incorrectly handled the resource_type service. A local attacker on the master could use this issue to execute arbitrary Ruby files (CVE-2013-4761). It was discovered that Puppet incorrectly handled permissions on the modules it installed. Modules could be installed with the permissions that existed when they were built, possibly exposing them to a local attacker (CVE-2013-4956). last seen 2020-06-01 modified 2020-06-02 plugin id 69491 published 2013-08-28 reporter This script is Copyright (C) 2013-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69491 title Mandriva Linux Security Advisory : puppet (MDVSA-2013:222) NASL family SuSE Local Security Checks NASL id SUSE_11_PUPPET-140120.NASL description This update for puppet fixes a remote code execution vulnerability in the last seen 2020-06-05 modified 2014-01-29 plugin id 72200 published 2014-01-29 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/72200 title SuSE 11.2 / 11.3 Security Update : puppet (SAT Patch Numbers 8811 / 8812) NASL family CGI abuses NASL id PUPPET_ENTERPRISE_301.NASL description According to its self-reported version number, the Puppet Enterprise install on the remote host is a version prior to 3.0.1. As a result, it reportedly has multiple vulnerabilities: - An error exists related to the included Ruby SSL client that could allow man-in-the-middle attacks. (CVE-2013-4073) - An error exists related to the last seen 2020-06-01 modified 2020-06-02 plugin id 70663 published 2013-10-28 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/70663 title Puppet Enterprise < 3.0.1 Multiple Vulnerabilities NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201308-04.NASL description The remote host is affected by the vulnerability described in GLSA-201308-04 (Puppet: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Puppet. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information, or bypass security restrictions. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 69464 published 2013-08-25 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69464 title GLSA-201308-04 : Puppet: Multiple vulnerabilities NASL family CGI abuses NASL id PUPPET_2_7_23.NASL description According to its self-reported version number, the Puppet install on the remote host has multiple vulnerabilities: - By using the last seen 2020-06-01 modified 2020-06-02 plugin id 70661 published 2013-10-28 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/70661 title Puppet 2.7.x / 3.2.x < 2.7.23 / 3.2.4 and Enterprise 2.8.x / 3.0.x < 2.8.3 / 3.0.1 Multiple Vulnerabilities
Redhat
| advisories |
| ||||||||
| rpms |
|