GHSA-92v7-pq4h-58j5

Suggest an improvement
Source
https://github.com/advisories/GHSA-92v7-pq4h-58j5
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2017/10/GHSA-92v7-pq4h-58j5/GHSA-92v7-pq4h-58j5.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-92v7-pq4h-58j5
Aliases
Published
2017-10-24T18:33:36Z
Modified
2024-12-02T05:40:00.351658Z
Summary
facter, hiera, mcollective-client, and puppet affected by untrusted search path vulnerability
Details

Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, or (6) safe_yaml/deep.so; or (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, or (10) osfamily.so in puppet/confine.

Database specific
{
    "nvd_published_at": "2014-11-16T17:59:00Z",
    "cwe_ids": [],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:27:08Z"
}
References

Affected packages

RubyGems / facter

Package

Name
facter
Purl
pkg:gem/facter

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.6

Affected versions

1.*

1.0.1
1.1.1
1.3.3
1.3.7
1.3.8
1.5
1.5.2
1.5.3
1.5.4
1.5.5
1.5.6
1.5.7
1.5.8
1.5.9
1.6.0
1.6.1
1.6.2
1.6.3
1.6.4
1.6.5
1.6.6
1.6.7
1.6.8
1.6.9
1.6.10
1.6.11
1.6.12.rc1
1.6.12.rc2
1.6.12
1.6.13.rc1
1.6.13
1.6.14.rc1
1.6.14
1.6.15.rc1
1.6.15
1.6.16
1.6.17.rc1
1.6.17
1.6.18.rc1
1.6.18
1.7.0.rc1
1.7.0.rc2
1.7.0
1.7.1.rc1
1.7.1
1.7.2.rc1
1.7.2
1.7.3.rc1
1.7.3
1.7.4.rc1
1.7.4
1.7.5.rc1
1.7.5.rc2
1.7.5

RubyGems / facter

Package

Name
facter
Purl
pkg:gem/facter

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.0.0
Fixed
2.0.2

Affected versions

2.*

2.0.1.rc1
2.0.1.rc2
2.0.1.rc3
2.0.1.rc4
2.0.1

RubyGems / hiera

Package

Name
hiera
Purl
pkg:gem/hiera

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.4

Affected versions

0.*

0.1.0
0.1.1
0.2.0
0.3.0

1.*

1.0.0rc4
1.0.0
1.1.0.rc1
1.1.0
1.1.1.rc1
1.1.1
1.1.2.rc1
1.1.2.rc2
1.1.2
1.2.0.rc1
1.2.0.rc2
1.2.0.rc3
1.2.0
1.2.1.rc1
1.2.1
1.3.0.rc2
1.3.0
1.3.1.rc1
1.3.1
1.3.2.rc1
1.3.2.rc2
1.3.2
1.3.3

RubyGems / puppet

Package

Name
puppet
Purl
pkg:gem/puppet

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.26

Affected versions

0.*

0.9.2
0.13.0
0.13.1
0.13.2
0.13.6
0.16.0
0.18.4
0.22.4
0.23.0
0.23.1
0.23.2
0.24.0
0.24.1
0.24.2
0.24.3
0.24.4
0.24.5
0.24.6
0.24.7
0.24.8
0.24.9
0.25.0
0.25.1
0.25.2
0.25.3
0.25.4
0.25.5

2.*

2.6.0
2.6.1
2.6.2
2.6.3
2.6.4
2.6.5
2.6.6
2.6.7
2.6.8
2.6.9
2.6.10
2.6.11
2.6.12
2.6.13
2.6.14
2.6.15
2.6.16
2.6.17
2.6.18
2.7.1
2.7.3
2.7.4
2.7.5
2.7.6
2.7.8
2.7.9
2.7.11
2.7.12
2.7.13
2.7.14
2.7.16
2.7.17
2.7.18
2.7.19
2.7.20.rc1
2.7.20
2.7.21
2.7.22
2.7.23
2.7.24
2.7.25

RubyGems / puppet

Package

Name
puppet
Purl
pkg:gem/puppet

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.0.0
Fixed
3.6.2

Affected versions

3.*

3.0.0
3.0.1.rc1
3.0.1
3.0.2.rc1
3.0.2.rc2
3.0.2.rc3
3.0.2
3.1.0.rc1
3.1.0.rc2
3.1.0
3.1.1
3.2.0.rc1
3.2.0.rc2
3.2.1.rc1
3.2.1
3.2.2
3.2.3.rc1
3.2.3
3.2.4
3.3.0.rc2
3.3.0.rc3
3.3.0
3.3.1.rc1
3.3.1.rc2
3.3.1.rc3
3.3.1
3.3.2
3.4.0.rc1
3.4.0.rc2
3.4.0
3.4.1
3.4.2
3.4.3
3.5.0.rc1
3.5.0.rc2
3.5.0.rc3
3.5.1.rc1
3.5.1
3.6.0.rc1
3.6.0
3.6.1

RubyGems / mcollective-client

Package

Name
mcollective-client
Purl
pkg:gem/mcollective-client

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.5.2

Affected versions

1.*

1.3.3

2.*

2.0.0
2.2.0
2.2.1
2.2.2
2.2.3
2.2.4
2.4.0
2.4.1
2.5.0.rc1
2.5.0
2.5.1