Input validation error in Puppet
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2013-1640 |
| CWE-ID | CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Puppet Agent Server applications / Conferencing, Collaboration and VoIP solutions |
| Vendor | Puppet Labs |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Input validation error
EUVDB-ID: #VU42980
Risk: Medium
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-1640
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to execute arbitrary code.
The (1) template and (2) inline_template functions in the master server in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users to execute arbitrary code via a crafted catalog request. Per http://www.ubuntu.com/usn/usn-1759-1/ "A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.10 Ubuntu 12.04 LTS Ubuntu 11.10"
MitigationInstall update from vendor's website.
Vulnerable software versionsPuppet Agent:
CPE2.3 External linkshttps://lists.opensuse.org/opensuse-security-announce/2013-04/msg00004.html
https://lists.opensuse.org/opensuse-updates/2013-04/msg00056.html
https://rhn.redhat.com/errata/RHSA-2013-0710.html
https://secunia.com/advisories/52596
https://ubuntu.com/usn/usn-1759-1
https://www.debian.org/security/2013/dsa-2643
https://puppetlabs.com/security/cve/cve-2013-1640/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
