puppet mcollective vulnerabilities and exploits

(subscribe to this query)

mcollective has a default password set at install

Puppet Marionette Collective -Redhat Openshift 2.1 Redhat Openshift 1.0 Debian Debian Linux 8.0 Debian Debian Linux 10.0

Versions of MCollective before 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code execution on the server. The fix for this is to call YAML.safe_load on input. This has been tested in all Puppet-supplied MCollective plugins, ...

Puppet Mcollective

On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non-administrator user can create an executable that will be executed with administrator privileges on the next "mco puppet" run. Puppet Enterprise users are not affected. This is resolve...

Puppet Mcollective-puppet-agent 1.12.0

Versions of Puppet Enterprise before 2016.4.5 or 2017.2.1 failed to mark MCollective server private keys as sensitive (a feature added in Puppet 4.6), so key values could be logged and stored in PuppetDB. These releases use the sensitive data type to ensure this won't happen...

Puppet Puppet Enterprise 2016.5.1 Puppet Puppet Enterprise Puppet Puppet Enterprise 2016.5.2 Puppet Puppet Enterprise 2017.1.1 Puppet Puppet Enterprise 2017.1.0

The mcollective-puppet-agent plugin prior to 1.11.1 for Puppet allows remote malicious users to execute arbitrary code via vectors involving the --server argument.

Puppetlabs Mcollective-puppet-agent

The mcollective-sshkey-security plugin prior to 0.5.1 for Puppet uses a server-specified identifier as part of a path where a file is written. A compromised server could use this to write a file to an arbitrary location on the client with the filename appended with the string &qu...

Puppet Mcollective-sshkey-security

Versions of Puppet Enterprise before 2016.4.5 or 2017.2.1 shipped with an MCollective configuration that allowed the package plugin to install or remove arbitrary packages on all managed agents. This release adds default configuration to not allow these actions. Customers who rel...

Puppet Puppet Enterprise 2016.5.1 Puppet Puppet Enterprise Puppet Puppet Enterprise 2016.5.2 Puppet Puppet Enterprise 2017.1.1 Puppet Puppet Enterprise 2017.1.0

Untrusted search path vulnerability in Puppet Enterprise 2.8 prior to 2.8.7, Puppet prior to 2.7.26 and 3.x prior to 3.6.2, Facter 1.6.x and 2.x prior to 2.0.2, Hiera prior to 1.3.4, and Mcollective prior to 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to ga...

Puppet Facter 2.0.0 Puppet Facter 2.0.1 Puppetlabs Facter Puppet Marionette Collective Puppet Hiera Puppet Puppet Enterprise Puppet Puppet

The MCollective aes_security plugin, as used in Puppet Enterprise prior to 3.3.0 and Mcollective prior to 2.5.3, does not properly validate new server certificates based on the CA certificate, which allows local users to establish unauthorized Mcollective connections via unspecif...

Puppetlabs Mcollective -Puppet Puppet Enterprise

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook