Executive Summary

Summary
Title Puppet vulnerabilities
Informations
Name USN-1372-1 First vendor Publication 2012-02-23
Vendor Ubuntu Last vendor Modification 2012-02-23
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 6.9 Attack Range Local
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS

Summary:

Puppet could be made to overwrite files and run programs with administrator privileges.

Software Description: - puppet: Centralized configuration management

Details:

It was discovered that Puppet did not drop privileges when executing commands as different users. If an attacker had control of the execution manifests or the executed command, this could be used to execute code with elevated group permissions (typically root). (CVE-2012-1053)

It was discovered that Puppet unsafely opened files when the k5login type is used to manage files. A local attacker could exploit this to overwrite arbitrary files and escalate privileges. (CVE-2012-1054)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 11.10:
puppet-common 2.7.1-1ubuntu3.5

Ubuntu 11.04:
puppet-common 2.6.4-2ubuntu2.8

Ubuntu 10.10:
puppet-common 2.6.1-0ubuntu2.6

Ubuntu 10.04 LTS:
puppet-common 0.25.4-2ubuntu6.6

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1372-1
CVE-2012-1053, CVE-2012-1054

Package Information:
https://launchpad.net/ubuntu/+source/puppet/2.7.1-1ubuntu3.5
https://launchpad.net/ubuntu/+source/puppet/2.6.4-2ubuntu2.8
https://launchpad.net/ubuntu/+source/puppet/2.6.1-0ubuntu2.6
https://launchpad.net/ubuntu/+source/puppet/0.25.4-2ubuntu6.6

Original Source

Url : http://www.ubuntu.com/usn/USN-1372-1

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-264 Permissions, Privileges, and Access Controls

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15175
 
Oval ID: oval:org.mitre.oval:def:15175
Title: DSA-2419-1 puppet -- several
Description: Two vulnerabilities were discovered in Puppet, a centralized configuration management tool. CVE-2012-1053 Puppet runs execs with an unintended group privileges, potentially leading to privilege escalation. CVE-2012-1054 The k5login type writes to untrusted locations, enabling local users to escalate their privileges if the k5login type is used.
Family: unix Class: patch
Reference(s): DSA-2419-1
CVE-2012-1053
CVE-2012-1054
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): puppet
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15218
 
Oval ID: oval:org.mitre.oval:def:15218
Title: USN-1372-1 -- Puppet vulnerabilities
Description: puppet: Centralized configuration management Puppet could be made to overwrite files and run programs with administrator privileges.
Family: unix Class: patch
Reference(s): USN-1372-1
CVE-2012-1053
CVE-2012-1054
Version: 5
Platform(s): Ubuntu 11.04
Ubuntu 11.10
Ubuntu 10.04
Ubuntu 10.10
Product(s): Puppet
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 25
Application 8
Application 2

OpenVAS Exploits

Date Description
2012-08-30 Name : Fedora Update for puppet FEDORA-2012-2325
File : nvt/gb_fedora_2012_2325_puppet_fc17.nasl
2012-07-30 Name : Fedora Update for puppet FEDORA-2012-10897
File : nvt/gb_fedora_2012_10897_puppet_fc16.nasl
2012-04-30 Name : Fedora Update for puppet FEDORA-2012-5999
File : nvt/gb_fedora_2012_5999_puppet_fc16.nasl
2012-04-30 Name : Fedora Update for puppet FEDORA-2012-6055
File : nvt/gb_fedora_2012_6055_puppet_fc15.nasl
2012-04-02 Name : Fedora Update for puppet FEDORA-2012-2415
File : nvt/gb_fedora_2012_2415_puppet_fc16.nasl
2012-03-12 Name : Debian Security Advisory DSA 2419-1 (puppet)
File : nvt/deb_2419_1.nasl
2012-03-12 Name : Fedora Update for puppet FEDORA-2012-2367
File : nvt/gb_fedora_2012_2367_puppet_fc15.nasl
2012-03-12 Name : Gentoo Security Advisory GLSA 201203-03 (puppet)
File : nvt/glsa_201203_03.nasl
2012-03-09 Name : Ubuntu Update for puppet USN-1372-1
File : nvt/gb_ubuntu_USN_1372_1.nasl

Nessus® Vulnerability Scanner

Date Description
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-369.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-53.nasl - Type : ACT_GATHER_INFO
2012-03-12 Name : The remote Fedora host is missing a security update.
File : fedora_2012-2325.nasl - Type : ACT_GATHER_INFO
2012-03-12 Name : The remote Fedora host is missing a security update.
File : fedora_2012-2367.nasl - Type : ACT_GATHER_INFO
2012-03-12 Name : The remote Fedora host is missing a security update.
File : fedora_2012-2415.nasl - Type : ACT_GATHER_INFO
2012-03-06 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201203-03.nasl - Type : ACT_GATHER_INFO
2012-03-05 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_puppet-120224.nasl - Type : ACT_GATHER_INFO
2012-02-28 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2419.nasl - Type : ACT_GATHER_INFO
2012-02-24 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1372-1.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:59:44
  • Multiple Updates