Puppet Multiple Local Privilege Escalation Vulnerabilities

Bugtraq ID: 52158
Class: Design Error
CVE: CVE-2012-1053
CVE-2012-1054
Remote: No
Local: Yes
Published: Feb 24 2012 12:00AM
Updated: Mar 12 2012 04:00PM
Credit: The vendor reported this issue.
Vulnerable: Ubuntu Ubuntu Linux 11.10 i386
Ubuntu Ubuntu Linux 11.10 amd64
Ubuntu Ubuntu Linux 11.04 powerpc
Ubuntu Ubuntu Linux 11.04 i386
Ubuntu Ubuntu Linux 11.04 ARM
Ubuntu Ubuntu Linux 11.04 amd64
Ubuntu Ubuntu Linux 11.04
Ubuntu Ubuntu Linux 10.10 powerpc
Ubuntu Ubuntu Linux 10.10 i386
Ubuntu Ubuntu Linux 10.10 ARM
Ubuntu Ubuntu Linux 10.10 amd64
Ubuntu Ubuntu Linux 10.10
Ubuntu Ubuntu Linux 10.04 LTS
SuSE SUSE Linux Enterprise Server for VMware 11 SP1
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 11 SP1 for SP2
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 11 SP1
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Desktop 11 SP1 for SP2
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Desktop 11 SP1
+ Linux kernel 2.6.5
Red Hat Fedora 17
Red Hat Fedora 16
Red Hat Fedora 15
Puppet Labs Puppet Enterprise 2.0.2
Puppet Labs Puppet Enterprise 1.2
Puppet Labs Puppet Enterprise 1.1
Puppet Labs Puppet Enterprise 1.0
Puppet Labs Puppet 2.7.10
Puppet Labs Puppet 2.7.5
Puppet Labs Puppet 2.7.4
Puppet Labs Puppet 2.6.13
Puppet Labs Puppet 2.6.11
Puppet Labs Puppet 2.6.10
Puppet Labs Puppet 2.6
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable: Puppet Labs Puppet Enterprise 2.0.3
Puppet Labs Puppet 2.7.11
Puppet Labs Puppet 2.6.14


 

Privacy Statement
Copyright 2010, SecurityFocus