| Revision Date: | 2017-12-11 | Version: | 1 | | Title: | CVE-2014-3250 on Ubuntu 16.04 LTS (xenial) - low. | | Description: | The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2014-3250
| | Platform(s): | Ubuntu 16.04 LTS
| Product(s): | | | Definition Synopsis | | Ubuntu 16.04 LTS (xenial) is installed. AND Package Information
NOT puppet package in xenial, while related to the CVE in some way, is not affected.
OR NOT puppet-common package in xenial, while related to the CVE in some way, is not affected.
OR NOT puppet-el package in xenial, while related to the CVE in some way, is not affected.
OR NOT puppet-testsuite package in xenial, while related to the CVE in some way, is not affected.
OR NOT puppetmaster package in xenial, while related to the CVE in some way, is not affected.
OR NOT puppetmaster-common package in xenial, while related to the CVE in some way, is not affected.
OR NOT puppetmaster-passenger package in xenial, while related to the CVE in some way, is not affected.
OR NOT vim-puppet package in xenial, while related to the CVE in some way, is not affected.
|
|