Download
| Alert*
oval:org.secpod.oval:def:10650
The host is installed with Puppet 2.7.x before 2.7.21 or 3.1.x before 3.1.1 and is prone to SSL Protocol downgrade vulnerability. A flaw is present in the application, which fails to properly negotiate the SSL protocol between client and master. Successful exploitation allows remote attackers to con ... oval:org.secpod.oval:def:10644 The host is installed with Puppet 2.7.x before 2.7.21 or 3.1.x before 3.1.1 or Puppet Enterprise 2.7.x before 2.7.2 and is prone to SSL Protocol downgrade vulnerability. A flaw is present in the application, which fails to properly negotiate the SSL protocol between client and master. Successful exp ... oval:org.secpod.oval:def:104775 Puppet lets you centrally manage every important aspect of your system using a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, and fi ... oval:org.secpod.oval:def:701210 puppet: Centralized configuration management Several security issues were fixed in Puppet. oval:org.secpod.oval:def:600986 Multiple vulnerabilities were discovered in Puppet, a centralized configuration management system. CVE-2013-1640 An authenticated malicious client may request its catalog from the puppet master, and cause the puppet master to execute arbitrary code. The puppet master must be made to invoke the `temp ... oval:org.secpod.oval:def:105685 Puppet lets you centrally manage every important aspect of your system using a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, and fi ... |