CVE-2009-3564

Related Files

Gentoo Linux Security Advisory 201203-03

Posted Mar 7, 2012

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201203-3 - Multiple vulnerabilities have been found in Puppet, the worst of which might allow local attackers to gain escalated privileges. Versions less than 2.7.11 are affected.

tags | advisory, local, vulnerability

systems | linux, gentoo

advisories | CVE-2009-3564, CVE-2010-0156, CVE-2011-3848, CVE-2011-3869, CVE-2011-3870, CVE-2011-3871, CVE-2011-3872, CVE-2012-1053, CVE-2012-1054

SHA-256 | 69813f02a92f89229d9a09aea745f127f1932ebbc0d9430aa9f9838397cd205b

Download | Favorite | View

Ubuntu Security Notice 917-1

Posted Mar 24, 2010

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 917-1 - It was discovered that Puppet did not drop supplementary groups when being run as a different user. A local user may be able to use this flaw to bypass security restrictions and gain access to restricted files. It was discovered that Puppet did not correctly handle temporary files. A local user can exploit this flaw to bypass security restrictions and overwrite arbitrary files.

tags | advisory, arbitrary, local

systems | linux, ubuntu

advisories | CVE-2009-3564, CVE-2010-0156

SHA-256 | 17eef93c81a5147eefd3cd3d1872dce9264982cb263d0d7ea0bd857a79f2feda

Download | Favorite | View