Launchpad.net

CVE 2011-3872

Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and 1.2 before 1.2.4, when signing an agent certificate, adds the Puppet master's certdnsnames values to the X.509 Subject Alternative Name field of the certificate, which allows remote attackers to spoof a Puppet master via a man-in-the-middle (MITM) attack against an agent that uses an alternate DNS name for the master, aka "AltNames Vulnerability."

Related bugs and status

CVE-2011-3872 (Candidate) is related to these bugs:

Bug #881361: puppetmaster-passenger fails to install with puppet 2.6.4-2ubuntu2.5

		In	Importance	Status
881361	puppetmaster-passenger fails to install with puppet 2.6.4-2ubuntu2.5	puppet (Ubuntu)	High	Invalid
881361	puppetmaster-passenger fails to install with puppet 2.6.4-2ubuntu2.5	puppet (Ubuntu Oneiric)	High	Invalid
881361	puppetmaster-passenger fails to install with puppet 2.6.4-2ubuntu2.5	puppet (Ubuntu Precise)	High	Invalid
881361	puppetmaster-passenger fails to install with puppet 2.6.4-2ubuntu2.5	puppet (Ubuntu Natty)	High	Fix Released
881361	puppetmaster-passenger fails to install with puppet 2.6.4-2ubuntu2.5	puppet (Ubuntu Lucid)	High	Invalid
881361	puppetmaster-passenger fails to install with puppet 2.6.4-2ubuntu2.5	puppet (Ubuntu Maverick)	High	Invalid

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://groups.google.c...
CONFIRM: http://puppetlabs.com/...
UBUNTU: USN-1238-1
UBUNTU: USN-1238-2
BID: 50356
SECUNIA: 46550
SECUNIA: 46578
SECUNIA: 46934
SECUNIA: 46964
XF: puppet-x509-spoofing(7...
CONFIRM: https://puppet.com/sec...