Oval Definition:	oval:org.mitre.oval:def:15175
Revision Date: 2014-06-23 Version: 19 Title: DSA-2419-1 puppet -- several Description: Two vulnerabilities were discovered in Puppet, a centralized configuration management tool. CVE-2012-1053 Puppet runs execs with an unintended group privileges, potentially leading to privilege escalation. CVE-2012-1054 The k5login type writes to untrusted locations, enabling local users to escalate their privileges if the k5login type is used. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2012-1053 CVE-2012-1054 DSA-2419-1 Platform(s): Debian GNU/kFreeBSD 6.0 Debian GNU/Linux 6.0 Product(s): puppet Definition Synopsis Debian 6.0 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed OR Debian GNU/kFreeBSD is installed AND Installed architecture is all AND puppet DPKG is earlier than 2.6.2-5+squeeze4
BACK