 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2012-3864 |
| Description: | Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user's certificate and private key in a GET request. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.71473 1.3.6.1.4.1.25623.1.1.4.2012.0983.1 1.3.6.1.4.1.25623.1.0.71525 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-3864 Debian Security Information: DSA-2511 (Google Search) http://www.debian.org/security/2012/dsa-2511 http://secunia.com/advisories/50014 SuSE Security Announcement: SUSE-SU-2012:0983 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html SuSE Security Announcement: openSUSE-SU-2012:0891 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html http://www.ubuntu.com/usn/USN-1506-1 |