This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote Debian host is missing a security-related update.
It was discovered that Puppet, a centralized configuration management
solution, misgenerated certificates if the 'certdnsnames' option was
used. This could lead to man in the middle attacks. More details are
available on the Puppet web site.
See also :
Upgrade the puppet packages.
For the oldstable distribution (lenny), this problem has been fixed in
For the stable distribution (squeeze), this problem has been fixed in
Risk factor :
Low / CVSS Base Score : 2.6
CVSS Temporal Score : 2.1
Public Exploit Available : true