CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
74.2%
It was discovered that Puppet incorrectly handled the non-default
βcertdnsnamesβ option when generating certificates. If this setting was
added to puppet.conf, the puppet primary serverβs DNS alt names were added
to the X.509 Subject Alternative Name field of all certificates, not just
the puppet primary serverβs certificate. An attacker that has an incorrect
agent certificate in his possession can use it to impersonate the puppet
primary server in a machine-in-the-middle attack.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 11.10 | noarch | puppet-common | <Β 2.7.1-1ubuntu3.2 | UNKNOWN |
Ubuntu | 11.10 | noarch | puppet | <Β 2.7.1-1ubuntu3.2 | UNKNOWN |
Ubuntu | 11.10 | noarch | puppet-el | <Β 2.7.1-1ubuntu3.2 | UNKNOWN |
Ubuntu | 11.10 | noarch | puppet-testsuite | <Β 2.7.1-1ubuntu3.2 | UNKNOWN |
Ubuntu | 11.10 | noarch | puppetmaster | <Β 2.7.1-1ubuntu3.2 | UNKNOWN |
Ubuntu | 11.10 | noarch | puppetmaster-common | <Β 2.7.1-1ubuntu3.2 | UNKNOWN |
Ubuntu | 11.10 | noarch | puppetmaster-passenger | <Β 2.7.1-1ubuntu3.2 | UNKNOWN |
Ubuntu | 11.10 | noarch | vim-puppet | <Β 2.7.1-1ubuntu3.2 | UNKNOWN |
Ubuntu | 11.04 | noarch | puppet-common | <Β 2.6.4-2ubuntu2.5 | UNKNOWN |
Ubuntu | 11.04 | noarch | puppet | <Β 2.6.4-2ubuntu2.5 | UNKNOWN |