CVE-2014-3248CVE-2014-3248

Affected configuration(s):

cpe:/a:puppetlabs:facter:1.6.18
cpe:/a:puppetlabs:facter:2.0.1
cpe:/a:puppetlabs:hiera:1.3.3
cpe:/a:puppetlabs:marionette-collective:2.5.1
cpe:/a:puppetlabs:puppet:2.7.26
cpe:/a:puppetlabs:puppet:2.8.6::~~enterprise~~~
cpe:/a:puppetlabs:puppet:3.6.1

Date published: 2014-11-16T12:59:03.113-05:00

Date last modified: 2014-11-17T13:42:25.450-05:00

CVSS Score: 6.2

Principal attack vector: LOCAL

Complexity:  HIGH

Reference URL: http://puppetlabs.com/security/cve/cve-2014-3248

Summary: Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, or (6) safe_yaml/deep.so; or (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, or (10) osfamily.so in puppet/confine.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.