Download
| Alert*
|
oval:org.secpod.oval:def:1601351
Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. in a node name. ... oval:org.secpod.oval:def:700936 puppet: Centralized configuration management Several security issues were fixed in Puppet. oval:org.secpod.oval:def:104775 Puppet lets you centrally manage every important aspect of your system using a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, and fi ... oval:org.secpod.oval:def:104016 Puppet lets you centrally manage every important aspect of your system using a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, and fi ... oval:org.secpod.oval:def:600847 Several security vulnerabilities have been found in Puppet, a centralized configuration management: CVE-2012-3864 Authenticated clients could read arbitrary files on the puppet master. CVE-2012-3865 Authenticated clients could delete arbitrary files on the puppet master. CVE-2012-3866 The report of ... oval:org.secpod.oval:def:104014 Puppet lets you centrally manage every important aspect of your system using a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, and fi ... |
