Fedora 16 : puppet-2.6.17-2.fc16 (2012-10897)

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

This is an upstream security release. It addresses a number of issues
found in puppet-2.6.x. The Red Hat security team has rated this update
as having low security impact.

Refer to the upstream release notes and bugzilla entries for further
details.

http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.17

NetworkManager compatibility should be improved in this release,
thanks to Orion Poplawski (any bugs in implementing Orion's suggested
dispatcher script are my own).

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.17
https://bugzilla.redhat.com/show_bug.cgi?id=839130
https://bugzilla.redhat.com/show_bug.cgi?id=839131
https://bugzilla.redhat.com/show_bug.cgi?id=839158
http://www.nessus.org/u?f8b1a925

Solution :

Update the affected puppet package.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Fedora Local Security Checks

Nessus Plugin ID: 60146 ()

Bugtraq ID: 54399

CVE ID: CVE-2012-3864
CVE-2012-3865
CVE-2012-3867

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now