CVE-2011-3872

low

Description

Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka "AltNames Vulnerability."

References

https://puppet.com/security/cve/cve-2011-3872

https://exchange.xforce.ibmcloud.com/vulnerabilities/70970

http://www.ubuntu.com/usn/USN-1238-2

http://www.ubuntu.com/usn/USN-1238-1

http://www.securityfocus.com/bid/50356

http://secunia.com/advisories/46964

http://secunia.com/advisories/46934

http://secunia.com/advisories/46578

http://secunia.com/advisories/46550

http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/

http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1

Details

Source: Mitre, NVD

Published: 2011-10-27

Risk Information

CVSS v2

Base Score: 2.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 3.7

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Severity: Low