CVE Vulnerabilities

CVE-2014-3248

Published: Nov 16, 2014 | Modified: Jul 16, 2019
CVSS 3.x: N/A
Source: NVD
CVSS 2.x: 6.2 MEDIUM (AV:L/AC:H/Au:N/C:C/I:C/A:C)
RedHat/V2: 4.4 MODERATE (AV:L/AC:M/Au:N/C:P/I:P/A:P)
RedHat/V3:
Ubuntu: LOW

Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, or (6) safe_yaml/deep.so; or (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, or (10) osfamily.so in puppet/confine.

Affected Software

Name | Vendor | Start Version | End Version
Facter | Puppet | 2.0.0-rc1 (including) | 2.0.0-rc1 (including)
Facter | Puppet | 2.0.0-rc2 (including) | 2.0.0-rc2 (including)
Facter | Puppet | 2.0.0-rc3 (including) | 2.0.0-rc3 (including)
Facter | Puppet | 2.0.0-rc4 (including) | 2.0.0-rc4 (including)
Facter | Puppet | 2.0.1 (including) | 2.0.1 (including)
Facter | Puppet | 2.0.1-rc1 (including) | 2.0.1-rc1 (including)
Facter | Puppet | 2.0.1-rc2 (including) | 2.0.1-rc2 (including)
Facter | Puppet | 2.0.1-rc3 (including) | 2.0.1-rc3 (including)
Facter | Puppet | 2.0.1-rc4 (including) | 2.0.1-rc4 (including)
Facter | Puppetlabs | 1.6.0 (including) | 1.6.18 (including)
Facter | Ubuntu | esm-infra-legacy/trusty | *
Facter | Ubuntu | lucid | *
Facter | Ubuntu | precise | *
Facter | Ubuntu | saucy | *
Facter | Ubuntu | trusty | *
Facter | Ubuntu | trusty/esm | *
Facter | Ubuntu | upstream | *
Mcollective | Ubuntu | artful | *
Mcollective | Ubuntu | precise | *
Mcollective | Ubuntu | saucy | *
Mcollective | Ubuntu | trusty | *
Mcollective | Ubuntu | utopic | *
Mcollective | Ubuntu | vivid | *
Mcollective | Ubuntu | wily | *
Mcollective | Ubuntu | yakkety | *
Mcollective | Ubuntu | zesty | *
Puppet | Ubuntu | lucid | *
Puppet | Ubuntu | precise | *
Puppet | Ubuntu | saucy | *
Puppet | Ubuntu | trusty | *
Puppet | Ubuntu | utopic | *
Puppet | Ubuntu | vivid | *
Ruby-hiera | Ubuntu | saucy | *
Ruby-hiera | Ubuntu | trusty | *
