Lucene search
Ubuntu.comUB:CVE-2012-1989HistoryApr 11, 2012 - 12:00 a.m.
CVE-2012-1989
2012-04-1100:00:00
ubuntu.com
ubuntu.com
7
CVSS2
3.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
EPSS
0
Percentile
5.1%
telnet.rb in Puppet 2.7.x before 2.7.13 and Puppet Enterprise (PE) 1.2.x,
2.0.x, and 2.5.x before 2.5.1 allows local users to overwrite arbitrary
files via a symlink attack on the NET::Telnet connection log
(/tmp/out.log).
Bugs
Notes
| Author | Note |
|---|---|
| tyhicks | Yama should mitigate this Only affects 2.7.x |
Related
cvelist
cvelist
CVE-2012-1989
2012-06-27 18:00:00
prion
prion
Code injection
2012-06-27 18:55:00
rubygems
rubygems
Arbitrary File Write Access in Puppet
2017-10-23 21:00:00
nvd
nvd
CVE-2012-1989
2012-06-27 18:55:01
debiancve
debiancve
CVE-2012-1989
2012-06-27 18:55:01
osv
osv
Puppet allows local users to overwrite arbitrary files via a symlink attack
2017-10-24 18:33:38
cve
cve
CVE-2012-1989
2012-06-27 18:55:01
github
github
Puppet allows local users to overwrite arbitrary files via a symlink attack
2017-10-24 18:33:38
nessus
nessus
openSUSE Security Update : puppet (openSUSE-SU-2012:0608-1)
2014-06-13 00:00:00
Ubuntu 10.04 LTS / 11.04 / 11.10 : puppet vulnerabilities (USN-1419-1)
2012-04-11 00:00:00
openvas
openvas
FreeBSD Ports: puppet
2012-04-30 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:0771-1)
2021-06-09 00:00:00
Gentoo Security Advisory GLSA 201208-02 (Puppet)
2012-08-30 00:00:00
ubuntu
ubuntu
Puppet vulnerabilities
2012-04-11 00:00:00
freebsd
freebsd
puppet -- Multiple Vulnerabilities
2012-03-26 00:00:00
gentoo
gentoo
Puppet: Multiple vulnerabilities
2012-08-14 00:00:00
CVSS2
3.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
EPSS
0
Percentile
5.1%
Related for UB:CVE-2012-1989