NVD

Id
11731  
Name
CVE-2010-0156  
Description
Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/daemonout, (2) /tmp/puppetdoc.txt, (3) /tmp/puppetdoc.tex, or (4) /tmp/puppetdoc.aux temporary file.  
Reject
 
CVSS Version
2  
CVSS Score
3.3  
Severity
Low  
CVSS Base Score
3.3  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
3.4  
CVSS Vector
(AV:L/AC:M/Au:N/C:N/I:P/A:P)  
Pub Date
2017-01-18  
Published
2010-03-03  
Modified Date
2010-06-23  
Seq
2010-0156  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
64391 11731 CVE-2010-0156 [puppet-announce] 20100105 ANNOUNCE: Puppet 0.25.2 "Zoe" now available!  View
64392 11731 CVE-2010-0156 [puppet-announce] 20100108 ANNOUNCE: Puppet 0.24.9 is available  View
64393 11731 CVE-2010-0156 FEDORA-2010-1079  View
64394 11731 CVE-2010-0156 FEDORA-2010-1372  View
64395 11731 CVE-2010-0156 SUSE-SR:2010:013  View
64396 11731 CVE-2010-0156 https://bugzilla.redhat.com/show_bug.cgi?id=502881  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
39423 JVNDB-2010-005208 Puppet における任意のファイルを上書きされる脆弱性 Puppet には、任意のファイルを上書きされる脆弱性が存在します。 CVE-2010-0156 42736 CVE-2010-0156 11731 3.3 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-005208.html 2010-03-03 2012-12-20 View