Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3872

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2011-3872
Last Modified 14 Feb 2012 11:10:58
Published 27 Oct 2011 04:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2011-3872

Summary

Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka "AltNames Vulnerability."

Vulnerable Systems

Application

  • Puppetlabs Puppet 2.6.0

  • Puppetlabs Puppet 2.6.1

  • Puppetlabs Puppet 2.6.10

  • Puppetlabs Puppet 2.6.11

  • Puppetlabs Puppet 2.6.2

  • Puppetlabs Puppet 2.6.3

  • Puppetlabs Puppet 2.6.4

  • Puppetlabs Puppet 2.6.5

  • Puppetlabs Puppet 2.6.6

  • Puppetlabs Puppet 2.6.7

  • Puppetlabs Puppet 2.6.8

  • Puppetlabs Puppet 2.6.9

  • Puppetlabs Puppet 2.7.0

  • Puppetlabs Puppet 2.7.1

  • Puppetlabs Puppet 2.7.2

  • Puppetlabs Puppet 2.7.3

  • Puppetlabs Puppet 2.7.4

  • Puppetlabs Puppet 2.7.5

  • Puppetlabs Puppet Enterprise Users 1.0

  • Puppetlabs Puppet Enterprise Users 1.1

  • Puppetlabs Puppet Enterprise Users 1.2

  • Puppetlabs Puppet Enterprise Users 1.2.0

  • Puppetlabs Puppet Enterprise Users 1.2.1

  • Puppetlabs Puppet Enterprise Users 1.2.2

  • Puppetlabs Puppet Enterprise Users 1.2.3


References

CONFIRM - http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1

XF - puppet-x509-spoofing(70970)

UBUNTU - USN-1238-2

UBUNTU - USN-1238-1

BID - 50356

SECUNIA - 46578

SECUNIA - 46550

CONFIRM - http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/

SECUNIA - 46964

SECUNIA - 46934

Related Patches

Novell SUSE 2011:5421 puppet security update for SLE 11 SP1 i586

Novell SUSE 2011:5421 puppet security update for SLE 11 SP1 x86_64


Last Updated: 27 May 2016 10:58:15