Puppetlabs Mcollective-puppet-agent 1.11.0 option Execute Code Vulnerability

Summary

The mcollective-puppet-agent plugin before 1.11.1 for Puppet allows remote attackers to execute arbitrary code via vectors involving the –server argument.

Credit:

The original article can be found at: http://www.securityfocus.com/bid/92432


Details

Vulnerable Systems:
 * Puppetlabs Mcollective-puppet-agent 1.11.0

Puppet Enterprise previously included a puppet-agent MCollective plugin that allowed you to pass the `–server` argument to MCollective. This insecure argument enabled remote code execution via connection to an untrusted host. The puppet-agent MCollective version included in PE 2016.2.1, this option is disabled by default.

CVE Information:
CVE-2015-7331

Disclosure Timeline:
Publish Date : 2017-01-30
Last Update Date : 2017-02-24

Categories: News