FKIE_CVE-2011-3872

Vulnerability from fkie_nvd - Published: 2011-10-27 20:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka "AltNames Vulnerability."
References
cve@mitre.orghttp://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1Patch
cve@mitre.orghttp://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/
cve@mitre.orghttp://secunia.com/advisories/46550Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/46578Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/46934
cve@mitre.orghttp://secunia.com/advisories/46964
cve@mitre.orghttp://www.securityfocus.com/bid/50356
cve@mitre.orghttp://www.ubuntu.com/usn/USN-1238-1
cve@mitre.orghttp://www.ubuntu.com/usn/USN-1238-2
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/70970
cve@mitre.orghttps://puppet.com/security/cve/cve-2011-3872
af854a3a-2127-422b-91ae-364da2661108http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1Patch
af854a3a-2127-422b-91ae-364da2661108http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/46550Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/46578Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/46934
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/46964
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/50356
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1238-1
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1238-2
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/70970
af854a3a-2127-422b-91ae-364da2661108https://puppet.com/security/cve/cve-2011-3872
Impacted products
Vendor Product Version
puppet puppet 2.6.0
puppet puppet 2.6.1
puppet puppet 2.6.2
puppet puppet 2.6.3
puppet puppet 2.6.4
puppet puppet 2.6.5
puppet puppet 2.6.6
puppet puppet 2.6.7
puppet puppet 2.6.8
puppet puppet 2.6.9
puppet puppet 2.6.10
puppet puppet 2.6.11
puppet puppet 2.7.2
puppet puppet 2.7.3
puppet puppet 2.7.4
puppet puppet 2.7.5
puppetlabs puppet 2.7.0
puppetlabs puppet 2.7.1
puppet puppet_enterprise 1.2.0
puppet puppet_enterprise 1.2.1
puppet puppet_enterprise 1.2.2
puppet puppet_enterprise 1.2.3
puppetlabs puppet_enterprise_users 1.0
puppetlabs puppet_enterprise_users 1.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:puppet:puppet:2.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BEF50EE-4E4B-4641-BA34-B5024F1EF683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet:2.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CC72248-FD33-4CA0-A16E-0A174A864257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet:2.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CEFB16E-261F-4B81-BCBE-536CAD2EC44B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet:2.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "652D28FC-7133-4C5F-95D9-3468548465B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet:2.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEEEE59D-BC0E-4107-B55D-9B182825E557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet:2.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4ED400E-48F7-475B-A87C-A14EC63DD93D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet:2.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D827D4C2-7438-4EDD-9025-38D46CD5153C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet:2.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E73C341A-6C07-4820-B1D3-4616B634F380",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet:2.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "61381D4C-972F-4979-84D2-793E4C60E23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet:2.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8C2A71-0277-4426-8627-D6FD275EFC62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet:2.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FB3C44C-2C6C-496C-9D2E-C43FFB493C42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet:2.6.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD2656B0-9606-477B-BEB3-35746218BF9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet:2.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE56BA6B-BDC4-431E-81FD-D7ED5E8783E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet:2.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDDDFB28-1971-4CCD-93D2-ABC08FE67F4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet:2.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "508105B4-619A-4A9D-8B2F-FE5992C1006A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet:2.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DB96A5-A57D-452F-A452-98B11F51CAE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppetlabs:puppet:2.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E5192CB-094F-469E-A644-2255C4F44804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppetlabs:puppet:2.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D17D2752-CB0D-4CC8-8604-FEBF8DEE16E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:puppet:puppet_enterprise:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A584D14-197E-47EB-B394-B8B211D4B502",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet_enterprise:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFF8F62F-8782-4FD2-BC14-3F9E46881F0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet_enterprise:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36A3FDB9-F599-4999-A6B9-C82C7DAF5A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppet:puppet_enterprise:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "41C07E3C-4F96-4B91-8B2D-09076749FF2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppetlabs:puppet_enterprise_users:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C1C09E3-88DB-4022-B4B4-8FEE5D9CB57B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:puppetlabs:puppet_enterprise_users:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD5ED72A-0C75-4680-8283-E0AE47780B3E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master\u0027s certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka \"AltNames Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "Puppet v2.6.x antes de v2.6.12 y v2.7.x antes de v2.7.6, y Puppet Enterprise (PE) Users v1.0, v1.1, y v1.2 antes de v1.2.4, al firmar un certificado de agente, a\u00f1ade los valores de Puppet master\u0027s certdnsnames al campo X.509 Subject Alternative Name, lo que permite a atacantes remotos falsificar un Puppet master a trav\u00e9s de un ataque \"Man-in-the-middle\" contra un agente que utilice un nombre alternativo de DNS para el maestro, tambi\u00e9n conocido como \"Vulnerabilidad AltNames.\""
    }
  ],
  "id": "CVE-2011-3872",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-10-27T20:55:01.760",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46550"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46578"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/46934"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/46964"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/50356"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-1238-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-1238-2"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70970"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://puppet.com/security/cve/cve-2011-3872"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://groups.google.com/group/puppet-announce/browse_thread/thread/e7edc3a71348f3e1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46550"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46578"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/46934"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/46964"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/50356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-1238-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-1238-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70970"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://puppet.com/security/cve/cve-2011-3872"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.