Showing 1 - 3 of 3

CVE-2013-1653

Status Candidate

Overview

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to the "run" REST endpoint is allowed, allows remote authenticated users to execute arbitrary code via a crafted HTTP request.

Related Files

Gentoo Linux Security Advisory 2013-08-04: Posted Aug 23, 2013; Site security.gentoo.org; Gentoo Linux Security Advisory 2013-08-04 - Multiple vulnerabilities have been found in Puppet, the worst of which could lead to execution of arbitrary code. Versions less than 2.7.23 are affected.; tags | advisory, arbitrary, vulnerability; advisories | CVE-2012-6120, CVE-2013-1640, CVE-2013-1652, CVE-2013-1653, CVE-2013-1654, CVE-2013-1655, CVE-2013-2274, CVE-2013-2275, CVE-2013-3567, CVE-2013-4761, CVE-2013-4956; SHA-256 | 0540da72c54f57cbe5a156cdb95056d98fa489beca31a869e539fa0bb49ca073; Download | Favorite | View

Debian Security Advisory 2643-1: Posted Mar 13, 2013; Authored by Debian | Site debian.org; Debian Linux Security Advisory 2643-1 - Multiple vulnerabilities were discovered in Puppet, a centralized configuration management system.; tags | advisory, vulnerability; systems | linux, debian; advisories | CVE-2013-1640, CVE-2013-1652, CVE-2013-1653, CVE-2013-1654, CVE-2013-1655, CVE-2013-2274, CVE-2013-2275; SHA-256 | 626b2c43b3fc60e5818364c42a1dce9ed4a162377a90fdd4f2f3cc47cac16b60; Download | Favorite | View

Ubuntu Security Notice USN-1759-1: Posted Mar 13, 2013; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1759-1 - It was discovered that Puppet agents incorrectly handled certain kick connections in a non-default configuration. An attacker on an authenticated client could use this issue to possibly execute arbitrary code. It was discovered that Puppet incorrectly handled certain catalog requests. An attacker on an authenticated client could use this issue to possibly execute arbitrary code on the master. Various other issues were also addressed.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2013-1653, CVE-2013-1640, CVE-2013-1652, CVE-2013-1654, CVE-2013-1655, CVE-2013-2275, CVE-2013-1640, CVE-2013-1652, CVE-2013-1653, CVE-2013-1654, CVE-2013-1655, CVE-2013-2275; SHA-256 | cccb65197566007976c698911967efc5871071adafb220b210b3946a8aba7461; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 184 files
Ubuntu 64 files
Debian 22 files
Valentin Lobstein 11 files
nu11secur1ty 9 files
Google Security Research 6 files
Apple 6 files
malvuln 4 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,009)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,174)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,460)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,433)
UNIX (9,390)
UnixWare (187)
Windows (6,648)
Other

CVE-2013-1653

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems