Puppet Enterprise < 3.1.0 Multiple Vulnerabilities

Medium Nessus Plugin ID 70684

Synopsis

A web application on the remote host is affected by multiple vulnerabilities.

Description

According to its self-reported version number, the Puppet Enterprise install on the remote host is a version prior to 3.1.0. As a result, it is reportedly affected by multiple vulnerabilities :

- An error exists related to the Fiddle and DL modules, '$SAFE' level verification and object handling that could allow an attacker to modify system calls.
(CVE-2013-2065)

- A remote code execution vulnerability exists that is triggered when handling a YAML report. This could allow a remote attacker to execute arbitrary code.
(CVE-2013-4957)

- A console account brute-force vulnerability exists that could allow an attacker to brute-force a known user's password. (CVE-2013-4965)

- A RubyGems algorithmic complexity denial of service vulnerability exists that could allow an attacker to cause a denial of service through CPU consumption.
(CVE-2013-4287)

Solution

Upgrade to Puppet Enterprise 3.1.0 or later.

See Also

https://puppet.com/security/cve/cve-2013-2065

https://puppet.com/security/cve/cve-2013-4957

https://puppet.com/security/cve/cve-2013-4965

https://puppet.com/security/cve/cve-2013-4287

Plugin Details

Severity: Medium

ID: 70684

File Name: puppet_enterprise_310.nasl

Version: 1.5

Type: remote

Family: CGI abuses

Published: 2013/10/29

Updated: 2018/11/15

Dependencies: 66233

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:puppetlabs:puppet

Required KB Items: puppet/rest_port

Exploit Available: false

Exploit Ease: No exploit is required

Patch Publication Date: 2013/10/15

Vulnerability Publication Date: 2013/09/09

Reference Information

CVE: CVE-2013-2065, CVE-2013-4287, CVE-2013-4957, CVE-2013-4965

BID: 59881, 62281, 63173, 63386