Novell Home

CVE-2013-2274

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-2274 at MITRE

Description

Puppet 2.6.x before 2.6.18 and Puppet Enterprise 1.2.x before 1.2.7 allows remote authenticated users to execute arbitrary code on the puppet master, or an agent with puppet kick enabled, via a crafted request for a report.

NVD CVSS v2 Base Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entry: 809839

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP2
  • puppet >= 2.6.18-0.4.2
Builds
SAT Patch Nr: 7526
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • puppet >= 2.6.18-0.4.2
  • puppet-server >= 2.6.18-0.4.2
Builds
SAT Patch Nr: 7526

© 2014 Novell