Vulnerability Description
Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka "AltNames Vulnerability."
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Puppet | Puppet | 2.6.0 |
| Puppetlabs | Puppet | 2.7.0 |
| Puppet | Puppet Enterprise | 1.2.0 |
| Puppetlabs | Puppet Enterprise Users | 1.0 |
Related Weaknesses (CWE)
References
- http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348Patch
- http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerabilit
- http://secunia.com/advisories/46550Vendor Advisory
- http://secunia.com/advisories/46578Vendor Advisory
- http://secunia.com/advisories/46934
- http://secunia.com/advisories/46964
- http://www.securityfocus.com/bid/50356
- http://www.ubuntu.com/usn/USN-1238-1
- http://www.ubuntu.com/usn/USN-1238-2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/70970
- https://puppet.com/security/cve/cve-2011-3872
- http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348Patch
- http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerabilit
- http://secunia.com/advisories/46550Vendor Advisory
- http://secunia.com/advisories/46578Vendor Advisory
FAQ
What is CVE-2011-3872?
CVE-2011-3872 is a vulnerability with a CVSS score of 2.6 (LOW). Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to t...
How severe is CVE-2011-3872?
CVE-2011-3872 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-3872?
Check the references section above for vendor advisories and patch information. Affected products include: Puppet Puppet, Puppetlabs Puppet, Puppet Puppet Enterprise, Puppetlabs Puppet Enterprise Users.