The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Puppet Labs Puppet

vulnerability announce CVE-2017-17485 CVE-2017-7525 CVE-2018-5968

Apache Struts: code execution via com.fasterxml.jackson

Synthesis of the vulnerability

An attacker can use a vulnerability (VIGILANCE-VUL-23406) of com.fasterxml.jackson of Apache Struts, in order to run code.
Impacted products: Struts, Debian, Oracle Communications, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Oracle Internet Directory, Tuxedo, Oracle Virtual Directory, WebLogic, Puppet, JBoss EAP by Red Hat.
Severity: 3/4.
Consequences: user access/rights.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 12/12/2017.
Identifiers: CERTFR-2017-AVI-470, cpuapr2018, cpuapr2019, cpujan2019, cpujul2018, cpuoct2018, CVE-2017-17485, CVE-2017-7525, CVE-2018-5968, DSA-4037-1, DSA-4114-1, ibm10715641, ibm10738249, RHSA-2017:3454-01, RHSA-2017:3455-01, RHSA-2017:3456-01, RHSA-2017:3458-01, RHSA-2018:0294-01, RHSA-2018:0478-01, RHSA-2018:0479-01, RHSA-2018:0480-01, RHSA-2018:0481-01, RHSA-2018:1447-01, RHSA-2018:1448-01, RHSA-2018:1449-01, RHSA-2018:1450-01, RHSA-2018:1451-01, RHSA-2018:2930-01, S2-055, VIGILANCE-VUL-24732.

Description of the vulnerability

An attacker can use a vulnerability (VIGILANCE-VUL-23406) of com.fasterxml.jackson of Apache Struts, in order to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-2299

puppetlabs-apache: privilege escalation via TLS Trust Misconfiguration

Synthesis of the vulnerability

An attacker can bypass restrictions via TLS Trust Misconfiguration of puppetlabs-apache, in order to escalate his privileges.
Impacted products: Puppet.
Severity: 2/4.
Consequences: data reading, data creation/edition.
Provenance: document.
Creation date: 08/11/2017.
Identifiers: CVE-2017-2299, VIGILANCE-VUL-24392.

Description of the vulnerability

An attacker can bypass restrictions via TLS Trust Misconfiguration of puppetlabs-apache, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2017-7525

jackson-databind: code execution via ObjectMapper readValue

Synthesis of the vulnerability

An attacker can use a vulnerability via ObjectMapper readValue() of jackson-databind, in order to run code.
Impacted products: Debian, Fedora, Oracle Communications, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Oracle Internet Directory, Tuxedo, Oracle Virtual Directory, WebLogic, Puppet, RHEL, JBoss EAP by Red Hat.
Severity: 2/4.
Consequences: user access/rights.
Provenance: document.
Creation date: 01/08/2017.
Identifiers: cpuapr2018, cpuapr2019, cpujan2019, cpujul2018, cpuoct2018, CVE-2017-7525, DSA-4004-1, FEDORA-2017-6a75c816fa, FEDORA-2017-8df9efed5f, FEDORA-2017-f452765e1e, FEDORA-2018-bbf8c38b51, FEDORA-2018-e4b025841e, ibm10715641, ibm10738249, RHSA-2017:1834-01, RHSA-2017:1835-01, RHSA-2017:1836-01, RHSA-2017:1837-01, RHSA-2017:1839-01, RHSA-2017:1840-01, RHSA-2017:2477-01, RHSA-2017:2546-01, RHSA-2017:2547-01, RHSA-2017:2633-01, RHSA-2017:2635-01, RHSA-2017:2636-01, RHSA-2017:2637-01, RHSA-2017:2638-01, RHSA-2017:3454-01, RHSA-2017:3455-01, RHSA-2017:3456-01, RHSA-2017:3458-01, RHSA-2018:0294-01, RHSA-2018:1447-01, RHSA-2018:1448-01, RHSA-2018:1449-01, RHSA-2018:1450-01, RHSA-2018:1451-01, VIGILANCE-VUL-23406.

Description of the vulnerability

An attacker can use a vulnerability via ObjectMapper readValue() of jackson-databind, in order to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2017-2296

Puppet Enterprise: denial of service via RBAC/Classifier

Synthesis of the vulnerability

An attacker can generate a fatal error via RBAC/Classifier of Puppet Enterprise, in order to trigger a denial of service.
Impacted products: Puppet.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 23/06/2017.
Identifiers: CVE-2017-2296, VIGILANCE-VUL-23077.

Description of the vulnerability

An attacker can generate a fatal error via RBAC/Classifier of Puppet Enterprise, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2017-2292 CVE-2017-2293 CVE-2017-2294

Puppet Labs Puppet: five vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Puppet Labs Puppet.
Impacted products: Debian, Fedora, openSUSE Leap, Solaris, Puppet, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, data reading.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 5.
Creation date: 12/05/2017.
Identifiers: bulletinjul2018, CVE-2017-2292, CVE-2017-2293, CVE-2017-2294, CVE-2017-2295, CVE-2017-2297, DLA-1012-1, DSA-3862-1, FEDORA-2017-8ad8d1bd86, FEDORA-2017-b9b66117bb, openSUSE-SU-2017:1948-1, SUSE-SU-2017:2113-1, USN-3308-1, VIGILANCE-VUL-22719.

Description of the vulnerability

Several vulnerabilities were announced in Puppet Labs Puppet.

An attacker can use a vulnerability of the YAML parser, in order to run code in MCollective. [severity:3/4; CVE-2017-2292]

An attacker can tamper with the MCollective server to deploy arbitrary programs. [severity:2/4; CVE-2017-2293]

An attacker can bypass security features via MCollective Private Keys, in order to obtain sensitive information. [severity:2/4; CVE-2017-2294]

An attacker can use a vulnerability of the YAML parser, in order to run code in the Puppet server. [severity:3/4; CVE-2017-2295]

An attacker can get the access rights of another user. [severity:3/4; CVE-2017-2297]
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2017-2290

Puppet mcollective-puppet-agent: privilege escalation

Synthesis of the vulnerability

An attacker can bypass restrictions of Puppet mcollective-puppet-agent, in order to escalate his privileges.
Impacted products: Puppet.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user account.
Creation date: 06/04/2017.
Identifiers: CVE-2017-2290, VIGILANCE-VUL-22361.

Description of the vulnerability

An attacker can bypass restrictions of Puppet mcollective-puppet-agent, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2016-9686

Puppet Labs Puppet: buffer overflow

Synthesis of the vulnerability

An attacker can generate a buffer overflow of Puppet Labs Puppet, in order to trigger a denial of service, and possibly to run code.
Impacted products: Puppet.
Severity: 1/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on service.
Provenance: intranet client.
Creation date: 08/02/2017.
Identifiers: CVE-2016-9686, VIGILANCE-VUL-21775.

Description of the vulnerability

An attacker can generate a buffer overflow of Puppet Labs Puppet, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2016-5714 CVE-2016-5715 CVE-2016-5716

Puppet: six vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Puppet.
Impacted products: Puppet.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 6.
Creation date: 17/10/2016.
Revision date: 21/10/2016.
Identifiers: CVE-2016-5714, CVE-2016-5715, CVE-2016-5716, VIGILANCE-VUL-20883.

Description of the vulnerability

Several vulnerabilities were announced in Puppet.

An attacker can deceive the user via Puppet Enterprise Console, in order to redirect him to a malicious site. [severity:1/4; CVE-2016-5715]

An attacker can use a vulnerability via PXP, in order to run code. [severity:3/4]

An attacker can bypass security features via PCP, in order to escalate his privileges. [severity:2/4]

An attacker can use a vulnerability via Puppet Enterprise Console, in order to run code. [severity:3/4; CVE-2016-5716]

An attacker can bypass security features via Environment Catalogs, in order to escalate his privileges. [severity:2/4; CVE-2016-5714]

An attacker can check the validity of a username, in order to obtain sensitive information. [severity:2/4]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2016-6302 CVE-2016-6303 CVE-2016-6304

OpenSSL: seven vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of OpenSSL.
Impacted products: SDS, SES, SNS, Mac OS X, Arkoon FAST360, Blue Coat CAS, ProxyAV, ProxySG par Blue Coat, SGOS by Blue Coat, Cisco ASR, Cisco Aironet, Cisco ATA, Cisco AnyConnect Secure Mobility Client, Cisco ACE, ASA, AsyncOS, Cisco Catalyst, Cisco Content SMA, Cisco ESA, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, Cisco IPS, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Prime Collaboration Assurance, Cisco Prime DCNM, Prime Infrastructure, Cisco Prime LMS, Cisco Router, Secure ACS, Cisco CUCM, Cisco Manager Attendant Console, Cisco Unified CCX, Cisco IP Phone, Cisco MeetingPlace, Cisco Wireless IP Phone, Cisco WSA, Cisco Wireless Controller, Debian, BIG-IP Hardware, TMOS, Fedora, FileZilla Server, FortiAnalyzer, FortiAnalyzer Virtual Appliance, FortiGate, FortiGate Virtual Appliance, FortiOS, FreeBSD, FreeRADIUS, hMailServer, HP Switch, AIX, DB2 UDB, IRAD, QRadar SIEM, Tivoli Storage Manager, Tivoli Workload Scheduler, WebSphere MQ, Juniper J-Series, Junos OS, Junos Space, NSM Central Manager, NSMXpress, MariaDB ~ precise, McAfee Email Gateway, ePO, MySQL Community, MySQL Enterprise, NetScreen Firewall, ScreenOS, Nodejs Core, OpenBSD, OpenSSL, openSUSE, openSUSE Leap, Oracle Communications, Oracle Directory Server, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Oracle iPlanet Web Server, Solaris, Tuxedo, VirtualBox, WebLogic, Oracle Web Tier, Percona Server, pfSense, Pulse Connect Secure, Pulse Secure Client, Pulse Secure SBR, Puppet, RHEL, JBoss EAP by Red Hat, SAS Add-in for Microsoft Office, SAS Analytics Pro, Base SAS Software, SAS Enterprise BI Server, SAS Enterprise Guide, SAS Management Console, SAS OLAP Server, SAS SAS/ACCESS, SAS SAS/AF, SAS SAS/CONNECT, SAS SAS/EIS, SAS SAS/ETS, SAS SAS/FSP, SAS SAS/GRAPH, SAS SAS/IML, SAS SAS/OR, SAS SAS/STAT, SAS SAS/Web Report Studio, Slackware, Splunk Enterprise, stunnel, SUSE Linux Enterprise Desktop, SLES, Synology DS***, Synology RS***, Nessus, Ubuntu, VxWorks, WinSCP.
Severity: 3/4.
Consequences: privileged access/rights, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 7.
Creation date: 22/09/2016.
Identifiers: 1991866, 1991867, 1991870, 1991871, 1991875, 1991876, 1991878, 1991880, 1991882, 1991884, 1991885, 1991886, 1991887, 1991889, 1991892, 1991894, 1991896, 1991902, 1991903, 1991951, 1991955, 1991959, 1991960, 1991961, 1992681, 1993777, 1996096, 1999395, 1999421, 1999474, 1999478, 1999479, 1999488, 1999532, 2000095, 2000209, 2000544, 2002870, 2003480, 2003620, 2003673, 2008828, bulletinapr2017, bulletinjul2016, bulletinoct2016, CERTFR-2016-AVI-320, CERTFR-2016-AVI-333, cisco-sa-20160927-openssl, cpuapr2017, cpuapr2018, cpujan2017, cpujan2018, cpujul2017, cpuoct2017, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6305, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308, DLA-637-1, DSA-3673-1, DSA-3673-2, FEDORA-2016-97454404fe, FEDORA-2016-a555159613, FG-IR-16-047, FG-IR-16-048, FG-IR-17-127, FreeBSD-SA-16:26.openssl, HPESBHF03856, HT207423, JSA10759, openSUSE-SU-2016:2391-1, openSUSE-SU-2016:2407-1, openSUSE-SU-2016:2496-1, openSUSE-SU-2016:2537-1, openSUSE-SU-2018:0458-1, RHSA-2016:1940-01, RHSA-2016:2802-01, RHSA-2017:1548-01, RHSA-2017:1549-01, RHSA-2017:1550-01, RHSA-2017:1551-01, RHSA-2017:1552-01, RHSA-2017:1658-01, RHSA-2017:1659-01, RHSA-2017:2493-01, RHSA-2017:2494-01, SA132, SA40312, SB10171, SB10215, SOL54211024, SOL90492697, SP-CAAAPUE, SPL-129207, SSA:2016-266-01, STORM-2016-005, SUSE-SU-2016:2387-1, SUSE-SU-2016:2394-1, SUSE-SU-2016:2458-1, SUSE-SU-2016:2468-1, SUSE-SU-2016:2469-1, SUSE-SU-2016:2470-1, SUSE-SU-2016:2470-2, TNS-2016-16, USN-3087-1, USN-3087-2, VIGILANCE-VUL-20678.

Description of the vulnerability

Several vulnerabilities were announced in OpenSSL.

An attacker can create a memory over consumption via an OCSP request, in order to trigger a denial of service. [severity:3/4; CVE-2016-6304]

An attacker can make a process block itself via SSL_peek, in order to trigger a denial of service. [severity:2/4; CVE-2016-6305]

An attacker can generate a buffer overflow via MDC2_Update, in order to trigger a denial of service, and possibly to run code. [severity:1/4; CVE-2016-6303]

An attacker can generate a read only buffer overflow, in order to trigger a denial of service. [severity:1/4; CVE-2016-6302]

An attacker can generate a read only buffer overflow via the parsing of an X.509 certificate, in order to trigger a denial of service. [severity:1/4; CVE-2016-6306]

An attacker can make the server allocates a large amount of memory to process TLS packets. [severity:1/4; CVE-2016-6307]

An attacker can make the server allocates a large amount of memory to process DTLS packets. [severity:1/4; CVE-2016-6308]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2016-7167

libcurl: integer overflow via curl_escape

Synthesis of the vulnerability

An attacker can generate an integer overflow via functions of the curl_escape() family of libcurl, in order to trigger a denial of service, and possibly to run code.
Impacted products: SDS, SES, SNS, OpenOffice, Mac OS X, curl, Debian, Fedora, Juniper EX-Series, Junos OS, SRX-Series, openSUSE Leap, Solaris, pfSense, Puppet, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 14/09/2016.
Identifiers: bulletinoct2016, cpuoct2018, CVE-2016-7167, DLA-1568-1, DLA-625-1, FEDORA-2016-7a2ed52d41, FEDORA-2016-80f4f71eff, HT207423, JSA10874, openSUSE-SU-2016:2768-1, RHSA-2017:2016-01, RHSA-2018:3558-01, SSA:2016-259-01, STORM-2019-002, SUSE-SU-2016:2699-1, SUSE-SU-2016:2714-1, USN-3123-1, VIGILANCE-VUL-20606.

Description of the vulnerability

The libcurl library provides the curl_escape(), curl_easy_escape(), curl_unescape() and curl_easy_unescape() functions to convert special characters.

However, if the requested size is too large, an integer overflows, and an allocated memory area is too short.

An attacker can therefore generate an integer overflow via functions of the curl_escape() family of libcurl, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Puppet Labs Puppet: