Download
| Alert*
oval:org.secpod.oval:def:1601363
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with an authorized SSL key and certain permissions on the puppet master to read arbitrary files via a symlink attack in conjunction with a ... oval:org.secpod.oval:def:5915 The host is installed with Puppet 2.6.x before 2.6.15 or 2.7.x before 2.7.13 or Puppet Enterprise 2.5.0 and is prone to symlink attack. A flaw is present in the applications, which fail to properly handle REST requests for a file from a remote filebucket. Successful exploitation allows wttackers ith ... oval:org.secpod.oval:def:6020 The host is installed with Puppet 2.6.x before 2.6.15 or 2.7.x before 2.7.13 and is prone to symlink attack. A flaw is present in the applications, which fail to properly handle REST requests for a file from a remote filebucket. Successful exploitation allows attackers with an authorized SSL key and ... oval:org.secpod.oval:def:600777 Several vulnerabilities have been discovered in puppet, a centralized configuration management system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2012-1906 Puppet is using predictable temporary file names when downloading Mac OS X package files. This allo ... oval:org.secpod.oval:def:103708 Puppet lets you centrally manage every important aspect of your system using a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, and fi ... oval:org.secpod.oval:def:103758 Puppet lets you centrally manage every important aspect of your system using a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, and fi ... oval:org.secpod.oval:def:103698 Puppet lets you centrally manage every important aspect of your system using a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, and fi ... oval:org.secpod.oval:def:104014 Puppet lets you centrally manage every important aspect of your system using a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, and fi ... oval:org.secpod.oval:def:700834 puppet: Centralized configuration management Several security issues were fixed in puppet. |