This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.
The remote Debian host is missing a security-related update.
It was discovered that Puppet, a centralized configuration management
solution, misgenerated certificates if the 'certdnsnames' option was
used. This could lead to man in the middle attacks. More details are
available on the Puppet website.
See also :
Upgrade the puppet packages.
For the oldstable distribution (lenny), this problem has been fixed in
For the stable distribution (squeeze), this problem has been fixed in
Risk factor :
Low / CVSS Base Score : 2.6
CVSS Temporal Score : 2.1
Public Exploit Available : true
Family: Debian Local Security Checks
Nessus Plugin ID: 56923 ()
Bugtraq ID: 50356
CVE ID: CVE-2011-3872
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.