Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-4956

Опубликовано: 20 авг. 2013
Источник: nvd
CVSS2: 3.6
EPSS Низкий

Описание

Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, installs modules with weak permissions if those permissions were used when the modules were originally built, which might allow local users to read or modify those modules depending on the original permissions.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:puppet:puppet:2.7.2:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:2.7.3:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:2.7.4:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:2.7.5:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:2.7.6:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:2.7.7:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:2.7.8:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:2.7.9:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:2.7.10:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:2.7.11:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:2.7.12:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:2.7.13:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:2.7.14:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:2.7.16:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:2.7.17:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:2.7.18:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:2.7.21:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:2.7.22:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:2.8.0:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:2.8.1:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:2.8.2:*:*:*:*:*:*:*
cpe:2.3:a:puppet:puppet_enterprise:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:puppetlabs:puppet:2.7.0:*:*:*:*:*:*:*
cpe:2.3:a:puppetlabs:puppet:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:puppetlabs:puppet:3.2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 30%
0.00108
Низкий

3.6 Low

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2013-4956

ubuntu
больше 12 лет назад

Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, installs modules with weak permissions if those permissions were used when the modules were originally built, which might allow local users to read or modify those modules depending on the original permissions.

redhat логотип

CVE-2013-4956

redhat
больше 12 лет назад

Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, installs modules with weak permissions if those permissions were used when the modules were originally built, which might allow local users to read or modify those modules depending on the original permissions.

debian логотип

CVE-2013-4956

debian
больше 12 лет назад

Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and 3. ...

github логотип

GHSA-3jgg-vqj7-2c3r

github
больше 3 лет назад

Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, installs modules with weak permissions if those permissions were used when the modules were originally built, which might allow local users to read or modify those modules depending on the original permissions.

fstec логотип

BDU:2015-09724

fstec
больше 12 лет назад

Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 30%
0.00108
Низкий

3.6 Low

CVSS2

Дефекты

CWE-264