Lucene search

GitHub Advisory DatabaseGHSA-V58W-6XC2-W799

HistoryMay 14, 2022 - 12:56 a.m.

Puppet Denial of Service and Arbitrary File Write

2022-05-1400:56:45

CWE-400

GitHub Advisory Database

github.com

puppet

denial of service

arbitrary file write

vulnerability

remote authenticated users

ssl keys

memory consumption

rest request

thread block

cve-2012-1986

filesystem consumption

crafted rest requests

puppet::filebucket::file object

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.012

Percentile

85.5%

JSON

A vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys to (1) cause a denial of service (memory consumption) via a REST request to a stream that triggers a thread block, as demonstrated using CVE-2012-1986 and /dev/random; or**(2)** cause a denial of service (filesystem consumption) via crafted REST requests that use “a marshaled form of a Puppet::FileBucket::File object” to write to arbitrary file locations.

Affected configurations

Vulners

Node

puppetpuppetRange2.7.0–2.7.13

puppetpuppetRange2.6.0–2.6.15

VendorProductVersionCPE
puppetpuppet*cpe:2.3:a:puppet:puppet:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
puppet	puppet	*	cpe:2.3:a:puppet:puppet::::::::

References

lists.fedoraproject.org/pipermail/package-announce/2012-April/079227.html

lists.fedoraproject.org/pipermail/package-announce/2012-April/079289.html

lists.fedoraproject.org/pipermail/package-announce/2012-May/080003.html

ubuntu.com/usn/usn-1419-1

www.debian.org/security/2012/dsa-2451

exchange.xforce.ibmcloud.com/vulnerabilities/74794

github.com/advisories/GHSA-v58w-6xc2-w799

github.com/puppetlabs/puppet/commit/0d6d29933e613fe177e9235415919a5428db67bc

github.com/puppetlabs/puppet/commit/568ded50ec6cc498ad32ff7f086d9f73b5d24c14

github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-1987.yml

hermes.opensuse.org/messages/14523305

hermes.opensuse.org/messages/15087408

nvd.nist.gov/vuln/detail/CVE-2012-1987

web.archive.org/web/20120415105345/www.securityfocus.com/bid/52975

web.archive.org/web/20120513213318/projects.puppetlabs.com/issues/13553

web.archive.org/web/20120513224202/projects.puppetlabs.com/issues/13552

web.archive.org/web/20121005145241/projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15

web.archive.org/web/20160808163232/https://puppet.com/security/cve/cve-2012-1987/

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.012

Percentile

85.5%

JSON

Related for GHSA-V58W-6XC2-W799