Bug #13552
Puppet master will save files to any place on disk
| Status: | Closed | Start date: | 03/30/2012 | |
|---|---|---|---|---|
| Priority: | High | Due date: | ||
| Assignee: |  Andrew Parker | % Done: | 0% | |
| Category: | security | |||
| Target version: | 2.7.13 | |||
| Affected Puppet version: | Branch: | |||
| Keywords: | ||||
Description
By constructing a marshaled form of a Puppet::FileBucket::File object a user can cause it it to be written to any place on the disk of the puppet master. This could be used for a denial of service attach against the puppet master if an attacker fills a filesystem that can cause systems to stop working. In order to do this the attacker needs no access to the puppet master system, but does need access to agent SSL keys.
History
#1
Updated by Andrew Parker about 1 year ago
- Assignee set to Andrew Parker
#2
Updated by Andrew Parker about 1 year ago
- Status changed from Accepted to In Topic Branch Pending Review
Fixes in branches:
- https://github.com/puppetlabs/puppet-cve-test/tree/security/2.6.14/filebucket-bucket-path-security
- https://github.com/puppetlabs/puppet-cve-test/tree/security/2.6.14/filebucket-bucket-path-security
#3
Updated by Moses Mendoza about 1 year ago
- Status changed from In Topic Branch Pending Review to Closed
#4
Updated by Moses Mendoza about 1 year ago
Released in 2.7.13, 2.6.15.
#5
Updated by Matthaus Owens about 1 year ago
- Description updated (diff)
#6
Updated by Matthaus Owens about 1 year ago
- Target version set to 2.7.13
#7
Updated by Matthaus Owens about 1 year ago
- Private changed from Yes to No