Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2010-0156

Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/daemonout, (2) /tmp/puppetdoc.txt, (3) /tmp/puppetdoc.tex, or (4) /tmp/puppetdoc.aux temporary file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.3%
CVSS Severity
CVSS v2 Score 3.3
References
Products affected by CVE-2010-0156
  • Puppet » Puppet » Version: 0.24.3
    cpe:2.3:a:puppet:puppet:0.24.3
  • Puppet » Puppet » Version: 0.24.4
    cpe:2.3:a:puppet:puppet:0.24.4
  • Puppet » Puppet » Version: 0.24.5
    cpe:2.3:a:puppet:puppet:0.24.5
  • Puppet » Puppet » Version: 0.24.6
    cpe:2.3:a:puppet:puppet:0.24.6
  • Puppet » Puppet » Version: 0.24.7
    cpe:2.3:a:puppet:puppet:0.24.7
  • Puppet » Puppet » Version: 0.24.8
    cpe:2.3:a:puppet:puppet:0.24.8
  • Puppet » Puppet » Version: 0.25.0
    cpe:2.3:a:puppet:puppet:0.25.0
  • Puppet » Puppet » Version: 0.25.1
    cpe:2.3:a:puppet:puppet:0.25.1
  • Puppet » Puppet » Version: 0.25.2
    cpe:2.3:a:puppet:puppet:0.25.2


Products
Pricing
Contact Us

Shodan ® - All rights reserved