Gentoo Local Security Checks : Gentoo Security Advisory GLSA 201208-02 (Puppet)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.71852

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 201208-02 (Puppet)

Resumen: The remote host is missing updates announced in;advisory GLSA 201208-02.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 201208-02.

Vulnerability Insight:
Multiple vulnerabilities have been found in Puppet, the worst of
which could lead to execution of arbitrary code.

Solution:
All Puppet users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=app-admin/puppet-2.7.13'

CVSS Score:
6.0

CVSS Vector:
AV:N/AC:M/Au:S/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-1906
BugTraq ID: 52975
http://www.securityfocus.com/bid/52975
Debian Security Information: DSA-2451 (Google Search)
http://www.debian.org/security/2012/dsa-2451
http://projects.puppetlabs.com/issues/13260
http://secunia.com/advisories/48743
http://secunia.com/advisories/48748
http://secunia.com/advisories/48789
http://ubuntu.com/usn/usn-1419-1
XForce ISS Database: puppet-macosx-symlink(74793)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74793
Common Vulnerability Exposure (CVE) ID: CVE-2012-1986
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079227.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079289.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080003.html
http://projects.puppetlabs.com/issues/13511
http://secunia.com/advisories/49136
SuSE Security Announcement: openSUSE-SU-2012:0608 (Google Search)
https://hermes.opensuse.org/messages/14523305
SuSE Security Announcement: openSUSE-SU-2012:0835 (Google Search)
https://hermes.opensuse.org/messages/15087408
XForce ISS Database: puppet-rest-symlink(74794)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74794
Common Vulnerability Exposure (CVE) ID: CVE-2012-1987
http://projects.puppetlabs.com/issues/13552
http://projects.puppetlabs.com/issues/13553
http://www.osvdb.org/81308
XForce ISS Database: puppet-rest-dos(74795)
Common Vulnerability Exposure (CVE) ID: CVE-2012-1988
http://projects.puppetlabs.com/issues/13518
http://www.osvdb.org/81309
XForce ISS Database: puppet-file-bucket-command-exec(74796)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74796
Common Vulnerability Exposure (CVE) ID: CVE-2012-1989
http://projects.puppetlabs.com/issues/13606
http://lists.opensuse.org/opensuse-updates/2012-05/msg00012.html
XForce ISS Database: puppet-nettelnet-symlink(74797)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74797

Copyright Copyright (C) 2012 E-Soft Inc.

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.71852
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201208-02 (Puppet)
Resumen:	The remote host is missing updates announced in;advisory GLSA 201208-02.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 201208-02. Vulnerability Insight: Multiple vulnerabilities have been found in Puppet, the worst of which could lead to execution of arbitrary code. Solution: All Puppet users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-admin/puppet-2.7.13' CVSS Score: 6.0 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1906 BugTraq ID: 52975 http://www.securityfocus.com/bid/52975 Debian Security Information: DSA-2451 (Google Search) http://www.debian.org/security/2012/dsa-2451 http://projects.puppetlabs.com/issues/13260 http://secunia.com/advisories/48743 http://secunia.com/advisories/48748 http://secunia.com/advisories/48789 http://ubuntu.com/usn/usn-1419-1 XForce ISS Database: puppet-macosx-symlink(74793) https://exchange.xforce.ibmcloud.com/vulnerabilities/74793 Common Vulnerability Exposure (CVE) ID: CVE-2012-1986 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079227.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079289.html http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080003.html http://projects.puppetlabs.com/issues/13511 http://secunia.com/advisories/49136 SuSE Security Announcement: openSUSE-SU-2012:0608 (Google Search) https://hermes.opensuse.org/messages/14523305 SuSE Security Announcement: openSUSE-SU-2012:0835 (Google Search) https://hermes.opensuse.org/messages/15087408 XForce ISS Database: puppet-rest-symlink(74794) https://exchange.xforce.ibmcloud.com/vulnerabilities/74794 Common Vulnerability Exposure (CVE) ID: CVE-2012-1987 http://projects.puppetlabs.com/issues/13552 http://projects.puppetlabs.com/issues/13553 http://www.osvdb.org/81308 XForce ISS Database: puppet-rest-dos(74795) Common Vulnerability Exposure (CVE) ID: CVE-2012-1988 http://projects.puppetlabs.com/issues/13518 http://www.osvdb.org/81309 XForce ISS Database: puppet-file-bucket-command-exec(74796) https://exchange.xforce.ibmcloud.com/vulnerabilities/74796 Common Vulnerability Exposure (CVE) ID: CVE-2012-1989 http://projects.puppetlabs.com/issues/13606 http://lists.opensuse.org/opensuse-updates/2012-05/msg00012.html XForce ISS Database: puppet-nettelnet-symlink(74797) https://exchange.xforce.ibmcloud.com/vulnerabilities/74797
Copyright	Copyright (C) 2012 E-Soft Inc.