drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in Puppet
Name: |
Mangelnde Rechteprüfung in Puppet |
|
ID: |
USN-1365-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 10.10, Ubuntu 11.04, Ubuntu 11.10 |
|
Datum: |
Di, 14. Februar 2012, 18:30 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0528 |
|
Applikationen: |
Puppet |
|
Originalnachricht |
--===============1554852754015706239== Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-5l89fdfAadJwnxu1bCk1"
--=-5l89fdfAadJwnxu1bCk1 Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1365-1 February 14, 2012
Puppet vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.10
Summary:
Puppet would allow unintended access to resources over the network.
Software Description: - puppet: Centralized configuration management
Details:
It was discovered that Puppet would allow remote ralsh under certain circumstances. An attacker on an authenticated puppet node could exploit this to view or manipulate resources on other Puppet nodes.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 11.10: puppet-common 2.7.1-1ubuntu3.4
Ubuntu 11.04: puppet-common 2.6.4-2ubuntu2.7
Ubuntu 10.10: puppet-common 2.6.1-0ubuntu2.5
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1365-1 CVE-2011-0528
Package Information: https://launchpad.net/ubuntu/+source/puppet/2.7.1-1ubuntu3.4 https://launchpad.net/ubuntu/+source/puppet/2.6.4-2ubuntu2.7 https://launchpad.net/ubuntu/+source/puppet/2.6.1-0ubuntu2.5
--Õl89fdfAadJwnxu1bCk1 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJPOpKkAAoJEFHb3FjMVZVz20cQAKmTn4onEhfxKUGVfjnVu2Tr NOIM3cGShdQ06/dVuHJdXP4SNaBv8ba6tMt1wyoPjIycGwXatfkq2orTJQ9ewTS8 oSh6ixDUHfsIBzOL8AiVPz0JM6zoPVwPY/osbmq6NUar9elrRhMP3YKI+BaBJx3y pnqc7Fondtv4iIJ8PnIazFIKE9VjrZqBGsg9vPwq/Iq22z/K0oVcEHjwHfXPgDwt olnkY2hvUuYpJXF1n6/oQXmEL1R1+j97ST2YprTUG0vED+mAiC8VgBQqj8FZjUxI ugIWUxxZ2y9mVB/enIjwMsbCom3P3fwFKQ+vs/IbQQ3OkXgV40tLAQSocrubJYk5 7ngtzqoBLosuPG/TmJA3U0ItMR/nvD8FVao0SfSf+RCgZcuWKBYsgsGdPl6bSltI 7U+tae7P7wwfv8yOvlOTcDUECCOjiK/peZUZ1uVxxUWFtwcZt5Mml9+lI2hA5wNk LcCvVyFDGERZM5/GKKnDh4sWTlPPUumN70++2WD7SgTTJsUS2t9rRiQCfFdOiM6K EGPGgXLlfiL/6T6sUtL1Th0Dfr3VboPPnP069vd7/8XrOM9EkEANO+Bxaqx2Wmtg OWa4yeHyU1Ui9T07x0oueUIjxQF2/t+VAIIrsV+gY+MXH4cNcYDCl/SUBgKHPbUk 7XZBd4hUnZdszBxhahTU =2EPZ -----END PGP SIGNATURE-----
--=-5l89fdfAadJwnxu1bCk1--
--===============1554852754015706239== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============1554852754015706239==--
|
|
|
|