This script is Copyright (C) 2013 Tenable Network Security, Inc.
A web application on the remote host has multiple vulnerabilities.
According to its self-reported version number, the Puppet Enterprise
install on the remote host is earlier than 3.0.1. As a result, it
reportedly has multiple vulnerabilities:
- Multiple session vulnerabilities exist that could
allow an attacker to hijack an arbitrary session and
gain unauthorized access. (CVE-2013-4762, CVE-2013-4964)
- Multiple security bypass vulnerabilities exist that
could allow an attacker to gain unauthorized access
and perform sensitive transactions. (CVE-2013-4958,
- Multiple information disclosure vulnerabilities exist
that could allow an attacker to access sensitive
information such as server software versions, MAC
addresses, SSH keys, and database passwords.
(CVE-2013-4959, CVE-2013-4961, CVE-2013-4967)
- An open-redirection vulnerability exists that could
allow an attacker to attempt a phishing attack.
- Clickjacking and cross-site-scripting vulnerabilities
exist that could allow an attacker to trick users into
sending them sensitive information such as passwords.
- A cross-site request forgery vulnerability exists that
could allow an attacker to manipulate a logged in user's
browser to perform sensitive transactions on the user's
See also :
Upgrade to Puppet Enterprise 3.0.1 or later.
Risk factor :
Medium / CVSS Base Score : 6.9
CVSS Temporal Score : 5.7
Public Exploit Available : true