Puppet Enterprise Dashboard Report YAML Handling Arbitrary Code Execution Vulnerability

Bugtraq ID: 63173
Class: Unknown
CVE: CVE-2013-4957
Remote: Yes
Local: No
Published: Oct 15 2013 12:00AM
Updated: Mar 19 2015 09:10AM
Credit: Reported by the vendor.
Vulnerable: Puppet Labs Puppet Enterprise 2.5.1
Puppet Labs Puppet Enterprise 2.0.3
Puppet Labs Puppet Enterprise 2.0.2
Puppet Labs Puppet Enterprise 2.6
Puppet Labs Puppet Enterprise 1.2
Puppet Labs Puppet Enterprise 1.1
Puppet Labs Puppet Enterprise 1.0
Puppet Labs Puppet Enterprise 2.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus