exploitDog

GHSA-92v7-pq4h-58j5

Опубликовано: 24 окт. 2017

Источник: github

Github: Прошло ревью

Описание

facter, hiera, mcollective-client, and puppet affected by untrusted search path vulnerability

Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, or (6) safe_yaml/deep.so; or (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, or (10) osfamily.so in puppet/confine.

Ссылки

Пакеты

Наименование

facter

rubygems

Затронутые версииВерсия исправления

< 1.7.6

1.7.6

Наименование

facter

rubygems

Затронутые версииВерсия исправления

>= 2.0.0, < 2.0.2

2.0.2

Наименование

hiera

rubygems

Затронутые версииВерсия исправления

< 1.3.4

1.3.4

Наименование

puppet

rubygems

Затронутые версииВерсия исправления

< 2.7.26

2.7.26

Наименование

puppet

rubygems

Затронутые версииВерсия исправления

>= 3.0.0, < 3.6.2

3.6.2

Наименование

mcollective-client

rubygems

Затронутые версииВерсия исправления

< 2.5.2

2.5.2

EPSS

Процентиль: 37%

0.00164

Низкий

CVE ID

Связанные уязвимости

CVE-2014-3248

ubuntu

около 11 лет назад

Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, or (6) safe_yaml/deep.so; or (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, or (10) osfamily.so in puppet/confine.

CVE-2014-3248

redhat

больше 11 лет назад

Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, or (6) safe_yaml/deep.so; or (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, or (10) osfamily.so in puppet/confine.

CVE-2014-3248

nvd

около 11 лет назад

Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, or (6) safe_yaml/deep.so; or (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, or (10) osfamily.so in puppet/confine.

CVE-2014-3248

debian

около 11 лет назад

Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2. ...

BDU:2015-09786

fstec

около 11 лет назад

Уязвимости операционной системы Gentoo Linux, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 37%

0.00164

Низкий

CVE ID