|Category:||Debian Local Security Checks|
|Title:||Debian Security Advisory DSA 2352-1 (puppet)|
|Summary:||Debian Security Advisory DSA 2352-1 (puppet)|
|Description:||The remote host is missing an update to puppet|
announced via advisory DSA 2352-1.
It was discovered that Puppet, a centralized configuration management
solution, misgenerated certificates if the certdnsnames option was
used. This could lead to man in the middle attacks. More details are
available at http://puppetlabs.com/security/cve/cve-2011-3872/
For the oldstable distribution (lenny), this problem has been fixed in
For the stable distribution (squeeze), this problem has been fixed in
For the unstable distribution (sid), this problem has been fixed in
We recommend that you upgrade your puppet packages.
Common Vulnerability Exposure (CVE) ID: CVE-2011-3872|
BugTraq ID: 50356
XForce ISS Database: puppet-x509-spoofing(70970)
|Copyright||Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com|
|This is only one of 40605 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.