Puppet Enterprise Dashboard Report YAML Handling Arbitrary Code Execution Vulnerability

Bugtraq ID: 63173
Class: Unknown
CVE: CVE-2013-4957
Remote: Yes
Local: No
Published: Oct 15 2013 12:00AM
Updated: Oct 15 2013 12:00AM
Credit: Reported by the vendor.
Vulnerable: Puppet Labs Puppet Enterprise 2.5.1
Puppet Labs Puppet Enterprise 2.0.3
Puppet Labs Puppet Enterprise 2.0.2
Puppet Labs Puppet Enterprise 2.6
Puppet Labs Puppet Enterprise 1.2
Puppet Labs Puppet Enterprise 1.2
Puppet Labs Puppet Enterprise 1.1
Puppet Labs Puppet Enterprise 1.0
Puppet Labs Puppet Enterprise 2.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus