Puppet CVE-2013-4969 Symlink Attack Local Privilege Escalation Vulnerabilities

Bugtraq ID: 64552
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2013-4969
Remote: No
Local: Yes
Published: Dec 27 2013 12:00AM
Updated: Apr 13 2015 10:07PM
Credit: The vendor reported this issue.
Vulnerable: Ubuntu Ubuntu Linux 13.10
Ubuntu Ubuntu Linux 13.04
Ubuntu Ubuntu Linux 12.10
Ubuntu Ubuntu Linux 12.04
Puppetlabs Puppet Enterprise 3.1
Puppetlabs Puppet Enterprise 3.0.1
Puppetlabs Puppet Enterprise 3.0
Puppetlabs Puppet Enterprise 2.8.3
Puppetlabs Puppet Enterprise 2.8.2
Puppetlabs Puppet Enterprise 2.7.2
Puppetlabs Puppet Enterprise 2.7.1
Puppetlabs Puppet Enterprise 2.7
Puppetlabs Puppet Enterprise 2.5.2
Puppetlabs Puppet Enterprise 2.5.1
Puppetlabs Puppet Enterprise 2.0.3
Puppetlabs Puppet Enterprise 2.0.2
Puppetlabs Puppet Enterprise 1.2.7
Puppetlabs Puppet Enterprise 3.0
Puppetlabs Puppet Enterprise 2.8.0
Puppetlabs Puppet Enterprise 2.6
Puppetlabs Puppet Enterprise 1.2
Puppetlabs Puppet Enterprise 1.1
Puppetlabs Puppet Enterprise 1.0
Puppetlabs Puppet Enterprise 2.0
Puppetlabs Puppet 3.2.4
Puppetlabs Puppet 3.2.2
Puppetlabs Puppet 3.2
Puppetlabs Puppet 3.1.1
Puppetlabs Puppet 3.1
Puppetlabs Puppet 3.0.1
Mandriva Business Server 1 X86 64
Mandriva Business Server 1
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable: Puppetlabs Puppet Enterprise 3.1.1
Puppetlabs Puppet Enterprise 2.8.4
Puppetlabs Puppet 3.4.1
Puppetlabs Puppet 3.3.3


 

Privacy Statement
Copyright 2010, SecurityFocus