Multiple Puppet Products CVE-2014-3248 Remote Code Execution Vulnerability

Bugtraq ID: 68035
Class: Design Error
CVE: CVE-2014-3248
Remote: Yes
Local: No
Published: Jun 13 2014 12:00AM
Updated: May 07 2015 05:23PM
Credit: Dennis Rowe
Vulnerable: Puppetlabs Puppet Enterprise 2.8.3
Puppetlabs Puppet Enterprise 2.8.2
Puppetlabs Puppet Enterprise 2.8.6
Puppetlabs Puppet Enterprise 2.8.4
Puppetlabs Puppet Enterprise 2.8.0
Puppetlabs Puppet 4.0.1
Puppetlabs Puppet 3.4.1
Puppetlabs Puppet 3.3.3
Puppetlabs Puppet 3.2.4
Puppetlabs Puppet 3.2.2
Puppetlabs Puppet 3.2
Puppetlabs Puppet 3.1.1
Puppetlabs Puppet 3.1
Puppetlabs Puppet 3.0.1
Puppetlabs Puppet 2.8.3
Puppetlabs Puppet 2.7.23
Puppetlabs Puppet 2.7.22
Puppetlabs Puppet 2.7.21
Puppetlabs Puppet 2.7.18
Puppetlabs Puppet 2.7.13
Puppetlabs Puppet 2.7.11
Puppetlabs Puppet 2.7.10
Puppetlabs Puppet 2.7.5
Puppetlabs Puppet 2.7.4
Puppetlabs Puppet 2.6.18
Puppetlabs Puppet 2.6.17
Puppetlabs Puppet 2.6.15
Puppetlabs Puppet 2.6.14
Puppetlabs Puppet 2.6.13
Puppetlabs Puppet 2.6.11
Puppetlabs Puppet 2.6.10
Puppetlabs Puppet 2.6.4
Puppetlabs Puppet 2.6.3
Puppetlabs Puppet 3.1.2
Puppetlabs Puppet 2.7
Puppetlabs Puppet 2.6
Puppetlabs Mcollective 0
Puppetlabs Hiera 0
Puppetlabs Facter 1.6
Puppetlabs Facter 2.0
Pexip AS Infinity 8
Pexip AS Infinity 7
Pexip AS Infinity 6
Pexip AS Infinity 5
Pexip AS Infinity 4
Pexip AS Infinity 3
Pexip AS Infinity 2
Pexip AS Infinity 1
Oracle Solaris 11.2
Gentoo Linux
Not Vulnerable: Puppetlabs Puppet Enterprise 2.8.7
Puppetlabs Puppet 3.6.2
Puppetlabs Puppet 2.7.26
Puppetlabs Mcollective 2.5.2
Puppetlabs Hiera 1.3.4
Puppetlabs Facter 2.0.2
Pexip AS Infinity 8.1
Oracle Solaris 11.2.4.6.0


 

Privacy Statement
Copyright 2010, SecurityFocus