Puppet CVE-2013-4969 Symlink Attack Local Privilege Escalation Vulnerabilities

Bugtraq ID: 64552
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2013-4969
Remote: No
Local: Yes
Published: Dec 27 2013 12:00AM
Updated: Feb 18 2014 05:27PM
Credit: The vendor reported this issue.
Vulnerable: Puppet Labs Puppet Enterprise 2.5.1
Puppet Labs Puppet Enterprise 2.0.3
Puppet Labs Puppet Enterprise 2.0.2
Puppet Labs Puppet Enterprise 2.6
Puppet Labs Puppet Enterprise 1.2
Puppet Labs Puppet Enterprise 1.1
Puppet Labs Puppet Enterprise 1.0
Puppet Labs Puppet Enterprise 2.0
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus