CVE-2010-0156
Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/daemonout, (2) /tmp/puppetdoc.txt, (3) /tmp/puppetdoc.tex, or (4) /tmp/puppetdoc.aux temporary file.
Link Following
Vendor | Product | Version |
---|---|---|
puppet | puppet | 0.24.3 |
puppet | puppet | 0.24.4 |
puppet | puppet | 0.24.5 |
puppet | puppet | 0.24.6 |
puppet | puppet | 0.24.6 |
puppet | puppet | 0.24.6 |
puppet | puppet | 0.24.7 |
puppet | puppet | 0.24.7 |
puppet | puppet | 0.24.8 |
puppet | puppet | 0.24.8 |
puppet | puppet | 0.25.0 |
puppet | puppet | 0.25.0 |
puppet | puppet | 0.25.0 |
puppet | puppet | 0.25.0 |
puppet | puppet | 0.25.1 |
puppet | puppet | 0.25.1 |
puppet | puppet | 0.25.1 |
puppet | puppet | 0.25.2 |
puppet | puppet | 0.25.2 |
puppet | puppet | 0.25.2 |
Ubuntu Releases
Common Weakness Enumeration