
CVE-2014-3248

Published: 16/11/2014 Updated: 16/07/2019
CVSS v2 Base Score: 6.2 | Impact Score: 10 | Exploitability Score: 1.9
VMScore: 552
Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Summary

Untrusted search path vulnerability in Puppet Enterprise 2.8 prior to 2.8.7, Puppet prior to 2.7.26 and 3.x prior to 3.6.2, Facter 1.6.x and 2.x prior to 2.0.2, Hiera prior to 1.3.4, and Mcollective prior to 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, or (6) safe_yaml/deep.so; or (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, or (10) osfamily.so in puppet/confine.

Vulnerable Product

puppetlabs facter

puppet facter 2.0.1

puppet facter 2.0.0

puppet marionette collective

puppet hiera

puppet puppet

puppet puppet enterprise

Vendor Advisories

Several security issues were fixed in Puppet ...
Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonst ...