CVE-2011-3872

Published: 27/10/2011 Updated: 11/07/2019
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
VMScore: 231
Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

Vulnerability Summary

Puppet 2.6.x prior to 2.6.12 and 2.7.x prior to 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 prior to 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote malicious users to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka "AltNames Vulnerability."

Vulnerable Product

puppet puppet 2.6.1

puppet puppet 2.6.8

puppetlabs puppet 2.7.0

puppet puppet 2.7.4

puppet puppet 2.6.9

puppet puppet 2.6.10

puppet puppet 2.6.7

puppet puppet 2.6.6

puppet puppet 2.7.3

puppet puppet 2.7.5

puppet puppet 2.6.0

puppet puppet 2.6.4

puppet puppet 2.6.5

puppet puppet 2.6.11

puppet puppet 2.6.3

puppet puppet 2.6.2

puppet puppet 2.7.2

puppetlabs puppet 2.7.1

puppet puppet enterprise 1.2.2

puppet puppet enterprise 1.2.3

puppetlabs puppet enterprise users 1.0

puppet puppet enterprise 1.2.0

puppetlabs puppet enterprise users 1.1

puppet puppet enterprise 1.2.1

Vendor Advisories

The Puppet master server could be impersonated in certain configurations ...
It was discovered that Puppet, a centralized configuration management solution, misgenerated certificates if the certdnsnames option was used. This could lead to man in the middle attacks. More details are available on the Puppet web site. For the oldstable distribution (lenny), this problem has been fixed in version 0.24.5-3+lenny2. For the stabl ...

Github Repositories

Puppet Module to help fix and migrate a Puppet deployment (CVE-2011-3872)

CVE-2011-3872 Remediation Toolkit: This module will help you permanently remediate the CVE-2011-3872 AltNames vulnerability. Usage Guides: Please see the detailed usage guides at README-detailed.markdown (for remediating your site with Puppet) and README-ssh-only.markdown (for remediating your site with SSH). Summary: If your puppet master's certdnsnames setting has ever been