#VU42980 Input validation error in Puppet Agent - CVE-2013-1640

Cybersecurity Help s.r.o.

Published: 2013-03-20 | Updated: 2020-08-11

Vulnerability identifier: #VU42980

Vulnerability risk: Medium

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2013-1640

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Puppet Agent
Server applications / Conferencing, Collaboration and VoIP solutions

Vendor: Puppet Labs

Description

The vulnerability allows a remote #AU# to execute arbitrary code.

The (1) template and (2) inline_template functions in the master server in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users to execute arbitrary code via a crafted catalog request. Per http://www.ubuntu.com/usn/usn-1759-1/ "A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.10 Ubuntu 12.04 LTS Ubuntu 11.10"

Mitigation
Install update from vendor's website.

Vulnerable software versions

Puppet Agent:

External links
https://lists.opensuse.org/opensuse-security-announce/2013-04/msg00004.html
https://lists.opensuse.org/opensuse-updates/2013-04/msg00056.html
https://rhn.redhat.com/errata/RHSA-2013-0710.html
https://secunia.com/advisories/52596
https://ubuntu.com/usn/usn-1759-1
https://www.debian.org/security/2013/dsa-2643
https://puppetlabs.com/security/cve/cve-2013-1640/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Amazon Linux AMI update for puppet

Input validation error in Puppet