CVE-2011-3870 — Puppet allows local users to modify the permissions of arbitrary files

Description

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorized_keys file.

How to fix CVE-2011-3870

To remediate CVE-2011-3870, upgrade the affected package to a fixed version below.

Debian/puppet—upgrade to 2.7.3-3 or later
RubyGems/puppet—upgrade to 2.7.5 or later

Is CVE-2011-3870 being exploited?

Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

from 0, < 2.7.3-3
>= 2.7.0, < 2.7.5

References (14)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2011-3870
ADVISORYsecurity-tracker.debian.org/tracker/CVE-2011-3870
PATCHgithub.com/puppetlabs/puppet
WEBgroups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb