Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-917-1: Puppet vulnerabilities

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-917-1: Puppet vulnerabilities
# 1  
Old 03-24-2010
USN-917-1: Puppet vulnerabilities
Referenced CVEs:
CVE-2009-3564, CVE-2010-0156


Description:
=========================================================== Ubuntu Security Notice USN-917-1 March 24, 2010 puppet vulnerabilities CVE-2009-3564, CVE-2010-0156 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.10: puppet 0.24.8-2ubuntu4.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that Puppet did not drop supplementary groups when being run as a different user. A local user may be able to use this flaw to bypass security restrictions and gain access to restricted files. (CVE-2009-3564) It was discovered that Puppet did not correctly handle temporary files. A local user can exploit this flaw to bypass security restrictions and overwrite arbitrary files. (CVE-2010-0156)





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

puppetdoc

PUPPET-DOC(8)							   Puppet manual						     PUPPET-DOC(8)

NAME

       puppet-doc - Generate Puppet documentation and references

SYNOPSIS

       Generates a reference for all Puppet types. Largely meant for internal Puppet Labs use.

USAGE

       puppet  doc  [-a|--all]	[-h|--help]  [-o|--outputdir  rdoc-outputdir] [-m|--mode text|pdf|rdoc] [-r|--reference reference-name] [--charset
       charset] [manifest-file]

DESCRIPTION

       If mode is not 'rdoc', then this command generates a Markdown document describing all installed Puppet types or all allowable arguments	to
       puppet  executables.  It  is largely meant for internal use and is used to generate the reference document available on the Puppet Labs web
       site.

       In 'rdoc' mode, this command generates an html RDoc hierarchy describing the manifests that are in 'manifestdir' and 'modulepath'  configu-
       ration directives. The generated documentation directory is doc by default but can be changed with the 'outputdir' option.

       If the command is run with the name of a manifest file as an argument, puppet doc will output a single manifest's documentation on stdout.

OPTIONS

       --all  Output the docs for all of the reference types. In 'rdoc' mode, this also outputs documentation for all resources.

       --help Print this help message

       --outputdir
	      Used only in 'rdoc' mode. The directory to which the rdoc output should be written.

       --mode Determine  the  output mode. Valid modes are 'text', 'pdf' and 'rdoc'. The 'pdf' mode creates PDF formatted files in the /tmp direc-
	      tory. The default mode is 'text'. In 'rdoc' mode you must provide 'manifests-path'

       --reference
	      Build a particular reference. Get a list of references by running 'puppet doc --list'.

       --charset
	      Used only in 'rdoc' mode. It sets the charset used in the html files produced.

       --manifestdir
	      Used only in 'rdoc' mode. The directory to scan for stand-alone manifests. If not supplied, puppet doc will use the manifestdir from
	      puppet.conf.

       --modulepath
	      Used only in 'rdoc' mode. The directory or directories to scan for modules. If not supplied, puppet doc will use the modulepath from
	      puppet.conf.

       --environment
	      Used only in 'rdoc' mode. The configuration environment from which to read the modulepath and  manifestdir  settings,  when  reading
	      said settings from puppet.conf. Due to a known bug, this option is not currently effective.

EXAMPLE

       $ puppet doc -r type > /tmp/type_reference.markdown

       or

	   $ puppet doc --outputdir /tmp/rdoc --mode rdoc /path/to/manifests

       or

	   $ puppet doc /etc/puppet/manifests/site.pp

       or

	   $ puppet doc -m pdf -r configuration

AUTHOR

       Luke Kanies

COPYRIGHT

       Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2.0 License

Puppet Labs, LLC						     June 2012							     PUPPET-DOC(8)