Vigil@nce - Puppet Enterprise: multiple vulnerabilities
July 2014 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can exploit several vulnerabilities in Puppet Enterprise.
Impacted products: Puppet
Severity: 2/4
Creation date: 16/07/2014
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in Puppet Enterprise.
An attacker can force a NULL pointer dereference in applications
that use OpenSSL with SSL_MODE_RELEASE_BUFFERS, in order to trigger a
denial of service (VIGILANCE-VUL-14690). [severity:2/4; CVE-2014-0198]
An attacker can act as a man in the middle between a client and a
server using OpenSSL, in order to read or alter exchanged data
(VIGILANCE-VUL-14844). [severity:2/4; CVE-2014-0224]
When MCollective is configured with the aes_security plugin, an
attacker can use a malicious certificate in order to establish a
connection. [severity:2/4; CVE-2014-3251]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Puppet-Enterprise-multiple-vulnerabilities-15059