Vigil@nce - Puppet Enterprise: privilege escalation via puppetlabs-stdlib
January 2015 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can use the Fact Cache of puppetlabs-stdlib in
Puppet Enterprise to escalate his privileges.
– Impacted products: Puppet
– Severity: 2/4
– Creation date: 15/01/2015
DESCRIPTION OF THE VULNERABILITY
The puppetlabs-stdlib library uses a cache to store "facts"
(configuration, SSH keys, etc.).
However, a local attacker can add entries to this cache.
A local attacker can therefore use the Fact Cache of
puppetlabs-stdlib in Puppet Enterprise to escalate his
privileges.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Puppet-Enterprise-privilege-escalation-via-puppetlabs-stdlib-15990