How to Buy
This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.
A web application on the remote host has multiple vulnerabilities.
According to its self-reported version number, the Puppet Enterprise
install on the remote host is a version prior to 3.0.1. As a result,
it reportedly has multiple vulnerabilities:
- An error exists related to the included Ruby SSL client
that could allow man-in-the-middle attacks.
- An error exists related to the 'resource_type' service
that could allow a local attacker to cause arbitrary
Ruby files to be executed. (CVE-2013-4761)
- Multiple session vulnerabilities exist that could
allow an attacker to hijack an arbitrary session and
gain unauthorized access. (CVE-2013-4762, CVE-2013-4964)
- An error exists related to 'Puppet Module Tool' (PMT)
and improper permissions. (CVE-2013-4956)
- Multiple security bypass vulnerabilities exist that
could allow an attacker to gain unauthorized access
and perform sensitive transactions. (CVE-2013-4958,
- Multiple information disclosure vulnerabilities exist
that could allow an attacker to access sensitive
information such as server software versions, MAC
addresses, SSH keys, and database passwords.
(CVE-2013-4959, CVE-2013-4961, CVE-2013-4967)
- An open-redirection vulnerability exists that could
allow an attacker to attempt a phishing attack.
- Clickjacking and cross-site-scripting vulnerabilities
exist that could allow an attacker to trick users into
sending them sensitive information such as passwords.
- A cross-site request forgery vulnerability exists that
could allow an attacker to manipulate a logged in user's
browser to perform sensitive transactions on the user's
See also :
Upgrade to Puppet Enterprise 3.0.1 or later.
Risk factor :
Medium / CVSS Base Score : 6.9
CVSS Temporal Score : 6.0
Public Exploit Available : true
Family: CGI abuses
Nessus Plugin ID: 70663 ()
Bugtraq ID: 60843618056180661856618576185961860618616186261870619456194966541
CVE ID: CVE-2013-4073CVE-2013-4761CVE-2013-4762CVE-2013-4955CVE-2013-4956CVE-2013-4958CVE-2013-4959CVE-2013-4961CVE-2013-4962CVE-2013-4963CVE-2013-4964CVE-2013-4967CVE-2013-4968
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.