CVE-2011-3872

Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka "AltNames Vulnerability."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.6 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
VendorProductVersion
puppetpuppet
2.6.0
puppetpuppet
2.6.1
puppetpuppet
2.6.2
puppetpuppet
2.6.3
puppetpuppet
2.6.4
puppetpuppet
2.6.5
puppetpuppet
2.6.6
puppetpuppet
2.6.7
puppetpuppet
2.6.8
puppetpuppet
2.6.9
puppetpuppet
2.6.10
puppetpuppet
2.6.11
puppetpuppet
2.7.2
puppetpuppet
2.7.3
puppetpuppet
2.7.4
puppetpuppet
2.7.5
puppetlabspuppet
2.7.0
puppetlabspuppet
2.7.1
puppetpuppet_enterprise
1.2.0
puppetpuppet_enterprise
1.2.1
puppetpuppet_enterprise
1.2.2
puppetpuppet_enterprise
1.2.3
puppetlabspuppet_enterprise_users
1.0
puppetlabspuppet_enterprise_users
1.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
puppet
bullseye
5.5.22-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
puppet
oneiric
Fixed 2.7.1-1ubuntu3.2
released
natty
Fixed 2.6.4-2ubuntu2.5
released
maverick
Fixed 2.6.1-0ubuntu2.4
released
lucid
Fixed 0.25.4-2ubuntu6.5
released
hardy
ignored
Common Weakness Enumeration
References
http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1
http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/
http://secunia.com/advisories/46550
http://secunia.com/advisories/46578
http://secunia.com/advisories/46934
http://secunia.com/advisories/46964
http://www.securityfocus.com/bid/50356
http://www.ubuntu.com/usn/USN-1238-1
http://www.ubuntu.com/usn/USN-1238-2
https://exchange.xforce.ibmcloud.com/vulnerabilities/70970
https://puppet.com/security/cve/cve-2011-3872
http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1
http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/
http://secunia.com/advisories/46550
http://secunia.com/advisories/46578
http://secunia.com/advisories/46934
http://secunia.com/advisories/46964
http://www.securityfocus.com/bid/50356
http://www.ubuntu.com/usn/USN-1238-1
http://www.ubuntu.com/usn/USN-1238-2
https://exchange.xforce.ibmcloud.com/vulnerabilities/70970
https://puppet.com/security/cve/cve-2011-3872