CVE-2012-3867: Input Validation
First published: Wed Jul 11 2012(Updated: )
From puppet labs: <a href="https://access.redhat.com/security/cve/CVE-2012-3867">CVE-2012-3867</a> (Insufficient input validation) A bug in Puppet 2.6.16 and 2.7.17 uses insufficient input validation for agent certificate names. An attacker can trick the administrator into signing an attacker’s certificate rather than the intended one by constructing specially crafted certificate requests containing specific ANSI control sequences. It is possible to use the sequences to rewrite the order of text displayed to an administrator such that display of an invalid certificate and valid certificate are transposed. If the administrator signs the attacker’s certificate, the attacker can then man-in-the-middle the deployment’s agent nodes. Resolved in Puppet 2.6.17, 2.7.18
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/puppet | <2.6.17 | 2.6.17 |
| redhat/puppet | <2.7.18 | 2.7.18 |
| Puppet Puppet | =2.6.0 | |
| Puppet Puppet | =2.6.1 | |
| Puppet Puppet | =2.6.2 | |
| Puppet Puppet | =2.6.3 | |
| Puppet Puppet | =2.6.4 | |
| Puppet Puppet | =2.6.5 | |
| Puppet Puppet | =2.6.6 | |
| Puppet Puppet | =2.6.7 | |
| Puppet Puppet | =2.6.8 | |
| Puppet Puppet | =2.6.9 | |
| Puppet Puppet | =2.6.10 | |
| Puppet Puppet | =2.6.11 | |
| Puppet Puppet | =2.6.12 | |
| Puppet Puppet | =2.6.13 | |
| Puppet Puppet | =2.6.14 | |
| Puppet Puppet | =2.6.15 | |
| Puppet Puppet | =2.7.2 | |
| Puppet Puppet | =2.7.3 | |
| Puppet Puppet | =2.7.4 | |
| Puppet Puppet | =2.7.5 | |
| Puppet Puppet | =2.7.6 | |
| Puppet Puppet | =2.7.7 | |
| Puppet Puppet | =2.7.8 | |
| Puppet Puppet | =2.7.9 | |
| Puppet Puppet | =2.7.10 | |
| Puppet Puppet | =2.7.11 | |
| Puppet Puppet | =2.7.12 | |
| Puppet Puppet | =2.7.13 | |
| Puppet Puppet | =2.7.14 | |
| Puppet Puppet | =2.7.16 | |
| Puppet Puppet | =2.7.17 | |
| Puppetlabs Puppet | <=2.6.16 | |
| Puppetlabs Puppet | =2.7.0 | |
| Puppetlabs Puppet | =2.7.1 | |
| Debian Debian Linux | =6.0 | |
| Canonical Ubuntu Linux | =10.04 | |
| Canonical Ubuntu Linux | =11.04 | |
| Canonical Ubuntu Linux | =11.10 | |
| Canonical Ubuntu Linux | =12.04 | |
| openSUSE openSUSE | =11.4 | |
| openSUSE openSUSE | =12.1 | |
| SUSE Linux Enterprise Desktop | =11-sp1 | |
| SUSE Linux Enterprise Desktop | =11-sp2 | |
| SUSE Linux Enterprise Server | =11-sp1 | |
| Suse Linux Enterprise Server | =11-sp1 | |
| SUSE Linux Enterprise Server | =11-sp2 | |
| Puppet Puppet Enterprise | <=2.5.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/security/cve/CVE-2012-3867
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=839168
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=839171
- http://puppetlabs.com/security/cve/cve-2012-3867/
- https://github.com/puppetlabs/puppet/commit/dfedaa5
- https://github.com/puppetlabs/puppet/commit/9607bd7
- https://github.com/puppetlabs/puppet/commit/0144e68
- https://github.com/puppetlabs/puppet/commit/4d7c9fd
- https://github.com/puppetlabs/puppet/commit/bd2820e
- https://github.com/puppetlabs/puppet/commit/f341962
- https://rhn.redhat.com/errata/RHSA-2012-1542.html
- https://bugzilla.redhat.com/show_bug.cgi?id=839158
- http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html
- http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html
- http://secunia.com/advisories/50014
- http://www.debian.org/security/2012/dsa-2511
- http://www.ubuntu.com/usn/USN-1506-1
- https://github.com/puppetlabs/puppet/commit/dfedaa5fa841ccf335245a748b347b7c7c236640
- https://github.com/puppetlabs/puppet/commit/f3419620b42080dad3b0be14470b20a972f13c50
- agent/type
- agent/first-publish-date
- agent/remedy
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2012-3867
- agent/software-canonical-lookup
- vendor/puppet
- canonical/puppet puppet
- version/puppet puppet/2.6.0
- version/puppet puppet/2.6.1
- version/puppet puppet/2.6.2
- version/puppet puppet/2.6.3
- version/puppet puppet/2.6.4
- version/puppet puppet/2.6.5
- version/puppet puppet/2.6.6
- version/puppet puppet/2.6.7
- version/puppet puppet/2.6.8
- version/puppet puppet/2.6.9
- version/puppet puppet/2.6.10
- version/puppet puppet/2.6.11
- version/puppet puppet/2.6.12
- version/puppet puppet/2.6.13
- version/puppet puppet/2.6.14
- version/puppet puppet/2.6.15
- version/puppet puppet/2.7.2
- version/puppet puppet/2.7.3
- version/puppet puppet/2.7.4
- version/puppet puppet/2.7.5
- version/puppet puppet/2.7.6
- version/puppet puppet/2.7.7
- version/puppet puppet/2.7.8
- version/puppet puppet/2.7.9
- version/puppet puppet/2.7.10
- version/puppet puppet/2.7.11
- version/puppet puppet/2.7.12
- version/puppet puppet/2.7.13
- version/puppet puppet/2.7.14
- version/puppet puppet/2.7.16
- version/puppet puppet/2.7.17
- vendor/puppetlabs
- canonical/puppetlabs puppet
- version/puppetlabs puppet/2.6.16
- version/puppetlabs puppet/2.7.0
- version/puppetlabs puppet/2.7.1
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/6.0
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/10.04
- version/canonical ubuntu linux/11.04
- version/canonical ubuntu linux/11.10
- version/canonical ubuntu linux/12.04
- vendor/opensuse
- canonical/opensuse opensuse
- version/opensuse opensuse/11.4
- version/opensuse opensuse/12.1
- vendor/suse
- canonical/suse linux enterprise desktop
- version/suse linux enterprise desktop/11-sp1
- version/suse linux enterprise desktop/11-sp2
- canonical/suse linux enterprise server
- version/suse linux enterprise server/11-sp1
- version/suse linux enterprise server/11-sp2
- canonical/puppet puppet enterprise
- version/puppet puppet enterprise/2.5.1
- package-manager/redhat