CVE-2010-0156

Priority
Description
Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to
overwrite arbitrary files via a symlink attack on the (1) /tmp/daemonout,
(2) /tmp/puppetdoc.txt, (3) /tmp/puppetdoc.tex, or (4) /tmp/puppetdoc.aux
temporary file.
Notes
More Information

Updated: 2019-12-05 20:54:19 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)