CVE-2011-3871 — Generation of Predictable Numbers or Identifiers in Puppet

CWE-264 CWE-340 — Generation of Predictable Numbers or Identifiers CWE-377 — Insecure Temporary File11 documents8 sources

Severity

6.2MEDIUMNVD

EPSS

0.0%

top 87.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Puppet Puppetlabs Puppet

Timeline

PublishedOct 27

Latest updateMay 14

Description

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when running in --edit mode, uses a predictable file name, which allows local users to run arbitrary Puppet code or trick a user into editing arbitrary files.

CVSS vector

AV:L/AC:H/C:C/I:C/A:CExploitability: 1.9 | Impact: 10.0

Affected Packages4 packages

▶RubyGemspuppet/puppet2.7.0 — 2.7.5+1

▶Debianpuppet/puppet< 2.7.3-3

▶NVDpuppet/puppet21 versions+20

▶NVDpuppetlabs/puppet2.7.0, 2.7.1+1

Patches

Patch: groups.google.com ↗Patch: lists.fedoraproject.org ↗Patch: lists.fedoraproject.org ↗

🔴Vulnerability Details

GHSA

Puppet uses predictable filenames, allowing arbitrary file overwrite↗2022-05-14

▶

OSV

Puppet uses predictable filenames, allowing arbitrary file overwrite↗2022-05-14

▶

OSV

CVE-2011-3871: Puppet 2↗2011-10-27

▶

CVEList

CVE-2011-3871: Puppet 2↗2011-10-27

▶

📋Vendor Advisories

Ubuntu

Puppet vulnerabilities↗2011-09-30

▶

Red Hat

puppet: predictable temporary file using RAL↗2011-09-30

▶

Debian

CVE-2011-3871: puppet - Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when running in --ed...↗2011

▶

💬Community

Bugzilla

CVE-2011-3870 CVE-2011-3869 CVE-2011-3871 CVE-2011-3848 puppet various flaws [fedora-all]↗2011-09-30

▶

Bugzilla

CVE-2011-3871 puppet: predictable temporary file using RAL↗2011-09-30

▶

Bugzilla

CVE-2011-3870 CVE-2011-3869 CVE-2011-3871 CVE-2011-3848 puppet various flaws [epel-all]↗2011-09-30

▶