CVE-2012-3864: Infoleak
First published: Wed Jul 11 2012(Updated: )
From puppet labs: <a href="https://access.redhat.com/security/cve/CVE-2012-3864">CVE-2012-3864</a> (Arbitrary File Read) A bug in Puppet 2.6.16 and 2.7.17 allows authenticated clients to read arbitrary files from the puppet master. Given a valid certificate and private key, it is possible to construct an HTTP GET request that will return the contents of an arbitrary file on the Puppet master. These requests can retrieve any file that the puppet master has read-access to. Resolved in Puppet 2.6.17, 2.7.18
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/puppet | <2.6.17 | 2.6.17 |
| redhat/puppet | <2.7.18 | 2.7.18 |
| Puppet | =2.6.0 | |
| Puppet | =2.6.1 | |
| Puppet | =2.6.2 | |
| Puppet | =2.6.3 | |
| Puppet | =2.6.4 | |
| Puppet | =2.6.5 | |
| Puppet | =2.6.6 | |
| Puppet | =2.6.7 | |
| Puppet | =2.6.8 | |
| Puppet | =2.6.9 | |
| Puppet | =2.6.10 | |
| Puppet | =2.6.11 | |
| Puppet | =2.6.12 | |
| Puppet | =2.6.13 | |
| Puppet | =2.6.14 | |
| Puppet | =2.6.15 | |
| Puppet | =2.7.2 | |
| Puppet | =2.7.3 | |
| Puppet | =2.7.4 | |
| Puppet | =2.7.5 | |
| Puppet | =2.7.6 | |
| Puppet | =2.7.7 | |
| Puppet | =2.7.8 | |
| Puppet | =2.7.9 | |
| Puppet | =2.7.10 | |
| Puppet | =2.7.11 | |
| Puppet | =2.7.12 | |
| Puppet | =2.7.13 | |
| Puppet | =2.7.14 | |
| Puppet | =2.7.16 | |
| Puppet | =2.7.17 | |
| Puppet | <=2.6.16 | |
| Puppet | =2.7.0 | |
| Puppet | =2.7.1 | |
| Puppet Enterprise | <=2.5.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html
- http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html
- http://puppetlabs.com/security/cve/cve-2012-3864/
- http://secunia.com/advisories/50014
- http://www.debian.org/security/2012/dsa-2511
- http://www.ubuntu.com/usn/USN-1506-1
- https://bugzilla.redhat.com/show_bug.cgi?id=839130
- https://github.com/puppetlabs/puppet/commit/10f6cb8969b4d5a933b333ecb01ce3696b1d57d4
- https://github.com/puppetlabs/puppet/commit/c3c7462e4066bf3a563987a402bf3ddf278bcd87
- https://access.redhat.com/security/cve/CVE-2012-3864
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=839168
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=839171
- https://github.com/puppetlabs/puppet/commit/8eb0cd8
- https://github.com/puppetlabs/puppet/commit/828c16a
- https://github.com/puppetlabs/puppet/commit/e7ef153
- https://github.com/puppetlabs/puppet/commit/29ae87d
- https://github.com/puppetlabs/puppet/commit/c872619
- https://github.com/puppetlabs/puppet/commit/c3c7462
- https://github.com/puppetlabs/puppet/commit/38c5a4e
- https://github.com/puppetlabs/puppet/commit/9e920a8
- https://github.com/puppetlabs/puppet/commit/2d01c2b
- https://github.com/puppetlabs/puppet/commit/40ee670
- https://github.com/puppetlabs/puppet/commit/d881b4b
- https://github.com/puppetlabs/puppet/commit/20ab0e9
- https://github.com/puppetlabs/puppet/commit/10f6cb8
- https://rhn.redhat.com/errata/RHSA-2012-1542.html
Frequently Asked Questions
What is the severity of CVE-2012-3864?
CVE-2012-3864 is classified as a medium severity vulnerability due to its potential for arbitrary file read access.
How do I fix CVE-2012-3864?
To fix CVE-2012-3864, upgrade Puppet versions to 2.6.17 or later or 2.7.18 or later.
What versions of Puppet are affected by CVE-2012-3864?
Puppet versions 2.6.16 and 2.7.17 are vulnerable to CVE-2012-3864.
What type of vulnerability is CVE-2012-3864?
CVE-2012-3864 is an arbitrary file read vulnerability.
Can authenticated users exploit CVE-2012-3864?
Yes, authenticated users can exploit CVE-2012-3864 to read arbitrary files from the Puppet master.
- agent/type
- agent/first-publish-date
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/last-modified-date
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2012-3864
- agent/software-canonical-lookup
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/redhat
- vendor/puppet
- canonical/puppet
- version/puppet/2.6.0
- version/puppet/2.6.1
- version/puppet/2.6.2
- version/puppet/2.6.3
- version/puppet/2.6.4
- version/puppet/2.6.5
- version/puppet/2.6.6
- version/puppet/2.6.7
- version/puppet/2.6.8
- version/puppet/2.6.9
- version/puppet/2.6.10
- version/puppet/2.6.11
- version/puppet/2.6.12
- version/puppet/2.6.13
- version/puppet/2.6.14
- version/puppet/2.6.15
- version/puppet/2.7.2
- version/puppet/2.7.3
- version/puppet/2.7.4
- version/puppet/2.7.5
- version/puppet/2.7.6
- version/puppet/2.7.7
- version/puppet/2.7.8
- version/puppet/2.7.9
- version/puppet/2.7.10
- version/puppet/2.7.11
- version/puppet/2.7.12
- version/puppet/2.7.13
- version/puppet/2.7.14
- version/puppet/2.7.16
- version/puppet/2.7.17
- vendor/puppetlabs
- version/puppet/2.6.16
- version/puppet/2.7.0
- version/puppet/2.7.1
- canonical/puppet enterprise
- version/puppet enterprise/2.5.1