CVE-2011-3870 — Link Following in Puppet

CWE-59 — Link Following11 documents8 sources

Severity

6.3MEDIUMNVD

EPSS

0.0%

top 90.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Puppet Puppetlabs Puppet

Timeline

PublishedOct 27

Latest updateMay 14

Description

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorized_keys file.

CVSS vector

AV:L/AC:M/C:N/I:C/A:CExploitability: 3.4 | Impact: 9.2

Affected Packages4 packages

▶RubyGemspuppet/puppet2.7.0 — 2.7.5+1

▶Debianpuppet/puppet< 2.7.3-3

▶NVDpuppet/puppet21 versions+20

▶NVDpuppetlabs/puppet2.7.0, 2.7.1+1

Patches

Patch: groups.google.com ↗Patch: lists.fedoraproject.org ↗Patch: lists.fedoraproject.org ↗

🔴Vulnerability Details

OSV

Puppet allows local users to modify the permissions of arbitrary files↗2022-05-14

▶

GHSA

Puppet allows local users to modify the permissions of arbitrary files↗2022-05-14

▶

OSV

CVE-2011-3870: Puppet 2↗2011-10-27

▶

CVEList

CVE-2011-3870: Puppet 2↗2011-10-27

▶

📋Vendor Advisories

Ubuntu

Puppet vulnerabilities↗2011-09-30

▶

Red Hat

puppet: SSH authorized_keys symlink attack↗2011-09-30

▶

Debian

CVE-2011-3870: puppet - Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to...↗2011

▶

💬Community

Bugzilla

CVE-2011-3870 CVE-2011-3869 CVE-2011-3871 CVE-2011-3848 puppet various flaws [fedora-all]↗2011-09-30

▶

Bugzilla

CVE-2011-3870 puppet: SSH authorized_keys symlink attack↗2011-09-30

▶

Bugzilla

CVE-2011-3870 CVE-2011-3869 CVE-2011-3871 CVE-2011-3848 puppet various flaws [epel-all]↗2011-09-30

▶