#VU43769 Permissions, Privileges, and Access Controls in Puppet Agent - CVE-2012-3866


Updated: 2022-12-08

Vulnerability identifier: #VU43769

Vulnerability risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2012-3866

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Puppet Agent
Server applications / Conferencing, Collaboration and VoIP solutions

Vendor: Puppet Labs

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for last_run_report.yaml, which allows local users to obtain sensitive configuration information by leveraging access to the puppet master server to read this file.

Mitigation
Install the update from the vendor's website.
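
To confirm that a host no longer exposes the report after updating, the following added example (not part of the original advisory or of Puppet's code) checks whether last_run_report.yaml is readable by "other" users. The fallback directory /var/lib/puppet/state is an assumed default location, and PUPPET_STATEDIR is a hypothetical override variable introduced only for this sketch.

```shell
#!/bin/sh
# Added example: audit the mode of the Puppet agent's last_run_report.yaml.

# Print the octal permission bits of a file (GNU stat first, then BSD stat).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# Resolve the report path from the agent's own settings when puppet is on
# PATH; otherwise fall back to an assumed default location.
# PUPPET_STATEDIR is a hypothetical variable used only by this example.
report_path() {
    if command -v puppet >/dev/null 2>&1; then
        puppet agent --configprint lastrunreport
    else
        echo "${PUPPET_STATEDIR:-/var/lib/puppet/state}/last_run_report.yaml"
    fi
}

# Classify a report file by its "other" permission digit.
# Return codes:
#   0 = not readable by "other"
#   1 = world-readable (the 0644 case described in the advisory)
#   2 = file missing or mode could not be determined
check_report_mode() {
    path=$1
    [ -f "$path" ] || { echo "MISSING $path"; return 2; }
    mode=$(file_mode "$path") || { echo "UNKNOWN $path"; return 2; }
    [ -n "$mode" ] || { echo "UNKNOWN $path"; return 2; }
    # The last octal digit holds the bits for "other"; 4 is the read bit.
    case "${mode#"${mode%?}"}" in
        [4567]) echo "WORLD-READABLE $mode $path"; return 1 ;;
        *)      echo "OK $mode $path"; return 0 ;;
    esac
}

# Run the audit only when asked, so the functions can also be sourced.
if [ "${1:-}" = "--check" ]; then
    check_report_mode "$(report_path)"
fi
```

Run the script with `--check` on each agent host; a WORLD-READABLE result means any local account can read the last run report.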

Vulnerable software versions

Puppet Agent:


External links
https://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html
https://puppetlabs.com/security/cve/cve-2012-3866/
https://secunia.com/advisories/50014
https://www.debian.org/security/2012/dsa-2511
https://www.ubuntu.com/usn/USN-1506-1
https://bugzilla.redhat.com/show_bug.cgi?id=839135
https://github.com/puppetlabs/puppet/commit/fd44bf5e6d0d360f6a493d663b653c121fa83c3f


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

