CVE-2012-3867

Public Exploit

Description

lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request (CSR), which makes it easier for user-assisted remote attackers to trick administrators into signing a crafted agent certificate via ANSI control sequences.

References

Link	Tags
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html	third party advisory vendor advisory
http://www.debian.org/security/2012/dsa-2511	third party advisory vendor advisory
http://www.ubuntu.com/usn/USN-1506-1	third party advisory vendor advisory
http://secunia.com/advisories/50014	third party advisory
http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html	third party advisory vendor advisory
http://puppetlabs.com/security/cve/cve-2012-3867/	vendor advisory
https://github.com/puppetlabs/puppet/commit/dfedaa5fa841ccf335245a748b347b7c7c236640	issue tracking exploit patch
https://github.com/puppetlabs/puppet/commit/f3419620b42080dad3b0be14470b20a972f13c50	issue tracking exploit patch
https://bugzilla.redhat.com/show_bug.cgi?id=839158	issue tracking

Frequently Asked Questions

What is the severity of CVE-2012-3867?: CVE-2012-3867 has been scored as a medium severity vulnerability.
How to fix CVE-2012-3867?: To fix CVE-2012-3867, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2012-3867 being actively exploited in the wild?: It is possible that CVE-2012-3867 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~2% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-264 – Permissions, Privileges, and Access Controls

References

Frequently Asked Questions