PublicDateAtUSN: 2014-11-16 Candidate: CVE-2014-3248 PublicDate: 2014-11-16 17:59:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3248 http://puppetlabs.com/security/cve/cve-2014-3248 http://www.openwall.com/lists/oss-security/2014/07/08/2 https://ubuntu.com/security/notices/USN-3308-1 Description: Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, or (6) safe_yaml/deep.so; or (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, or (10) osfamily.so in puppet/confine. Ubuntu-Description: Notes: Bugs: Priority: low Discovered-by: Dennis Rowe Assigned-to: CVSS: Patches_ruby-hiera: upstream_ruby-hiera: needs-triage lucid_ruby-hiera: DNE precise_ruby-hiera: DNE precise/esm_ruby-hiera: DNE saucy_ruby-hiera: ignored (reached end-of-life) trusty_ruby-hiera: ignored (reached end-of-life) trusty/esm_ruby-hiera: DNE (trusty was needed) utopic_ruby-hiera: DNE vivid_ruby-hiera: DNE vivid/stable-phone-overlay_ruby-hiera: DNE vivid/ubuntu-core_ruby-hiera: DNE wily_ruby-hiera: DNE xenial_ruby-hiera: DNE yakkety_ruby-hiera: DNE zesty_ruby-hiera: DNE artful_ruby-hiera: DNE bionic_ruby-hiera: DNE cosmic_ruby-hiera: DNE disco_ruby-hiera: DNE eoan_ruby-hiera: DNE focal_ruby-hiera: DNE groovy_ruby-hiera: DNE hirsute_ruby-hiera: DNE impish_ruby-hiera: DNE jammy_ruby-hiera: DNE devel_ruby-hiera: DNE Patches_puppet: upstream: https://github.com/puppetlabs/puppet/commit/1d1e1eac451fdd277ff1601b3fb635dcb713c7be upstream_puppet: needs-triage lucid_puppet: ignored (reached end-of-life) precise_puppet: ignored (reached end-of-life) precise/esm_puppet: DNE (precise was needed) saucy_puppet: ignored (reached end-of-life) trusty_puppet: released (3.4.3-1ubuntu1.2) trusty/esm_puppet: released (3.4.3-1ubuntu1.2) utopic_puppet: ignored (reached end-of-life) vivid_puppet: ignored (reached end-of-life) vivid/stable-phone-overlay_puppet: DNE vivid/ubuntu-core_puppet: DNE wily_puppet: not-affected (3.7.2-5ubuntu2) xenial_puppet: not-affected (3.8.5-2) yakkety_puppet: not-affected (3.8.5-2) zesty_puppet: not-affected (3.8.5-2) artful_puppet: not-affected (3.8.5-2) bionic_puppet: not-affected (3.8.5-2) cosmic_puppet: not-affected (3.8.5-2) disco_puppet: not-affected (3.8.5-2) eoan_puppet: not-affected (3.8.5-2) focal_puppet: not-affected (3.8.5-2) groovy_puppet: not-affected (3.8.5-2) hirsute_puppet: not-affected (3.8.5-2) impish_puppet: not-affected (3.8.5-2) jammy_puppet: not-affected (3.8.5-2) devel_puppet: not-affected (3.8.5-2) Patches_facter: upstream_facter: released (2.0.1-1) lucid_facter: ignored (reached end-of-life) precise_facter: ignored (reached end-of-life) precise/esm_facter: DNE (precise was needed) saucy_facter: ignored (reached end-of-life) trusty_facter: ignored (out of standard support) trusty/esm_facter: needed utopic_facter: not-affected (2.0.1-1ubuntu1) vivid_facter: not-affected (2.0.1-1ubuntu1) vivid/stable-phone-overlay_facter: DNE vivid/ubuntu-core_facter: DNE wily_facter: not-affected (2.0.1-1ubuntu1) xenial_facter: not-affected (2.0.1-1ubuntu1) yakkety_facter: not-affected (2.0.1-1ubuntu1) zesty_facter: not-affected (2.0.1-1ubuntu1) artful_facter: not-affected (2.0.1-1ubuntu1) bionic_facter: not-affected (2.0.1-1ubuntu1) cosmic_facter: not-affected (2.0.1-1ubuntu1) disco_facter: not-affected (2.0.1-1ubuntu1) eoan_facter: not-affected (2.0.1-1ubuntu1) focal_facter: not-affected (2.0.1-1ubuntu1) groovy_facter: not-affected (2.0.1-1ubuntu1) hirsute_facter: not-affected (2.0.1-1ubuntu1) impish_facter: not-affected (2.0.1-1ubuntu1) jammy_facter: not-affected (2.0.1-1ubuntu1) devel_facter: not-affected (2.0.1-1ubuntu1) Patches_mcollective: upstream_mcollective: needs-triage lucid_mcollective: DNE precise_mcollective: ignored (reached end-of-life) precise/esm_mcollective: DNE (precise was needed) saucy_mcollective: ignored (reached end-of-life) trusty_mcollective: ignored (reached end-of-life) trusty/esm_mcollective: DNE (trusty was needed) utopic_mcollective: ignored (reached end-of-life) vivid_mcollective: ignored (reached end-of-life) vivid/stable-phone-overlay_mcollective: DNE vivid/ubuntu-core_mcollective: DNE wily_mcollective: ignored (reached end-of-life) xenial_mcollective: not-affected (2.5.2+dfsg-1) yakkety_mcollective: ignored (reached end-of-life) zesty_mcollective: ignored (reached end-of-life) artful_mcollective: ignored (reached end-of-life) bionic_mcollective: not-affected (2.5.2+dfsg-1) cosmic_mcollective: not-affected (2.5.2+dfsg-1) disco_mcollective: not-affected (2.5.2+dfsg-1) eoan_mcollective: not-affected (2.5.2+dfsg-1) focal_mcollective: not-affected (2.5.2+dfsg-1) groovy_mcollective: not-affected (2.5.2+dfsg-1) hirsute_mcollective: not-affected (2.5.2+dfsg-1) impish_mcollective: not-affected (2.5.2+dfsg-1) jammy_mcollective: not-affected (2.5.2+dfsg-1) devel_mcollective: not-affected (2.5.2+dfsg-1)