Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files.
References
Link | Resource |
---|---|
http://puppetlabs.com/security/cve/cve-2013-4969 | Vendor Advisory |
http://secunia.com/advisories/56253 | Vendor Advisory |
http://secunia.com/advisories/56254 | Vendor Advisory |
http://www.debian.org/security/2013/dsa-2831 | Third Party Advisory |
http://www.ubuntu.com/usn/USN-2077-1 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2014-01-07T18:00:00
Updated: 2014-01-16T18:57:00
Reserved: 2013-07-29T00:00:00
Link: CVE-2013-4969
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-01-07T18:55:06.910
Modified: 2022-01-24T16:46:02.347
Link: CVE-2013-4969
JSON object: View
Redhat Information
No data.
CWE