Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2013-1653
Description:Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to the "run" REST endpoint is allowed, allows remote authenticated users to execute arbitrary code via a crafted HTTP request.
Test IDs: 1.3.6.1.4.1.25623.1.1.4.2013.0618.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2013-1653
BugTraq ID: 58446
http://www.securityfocus.com/bid/58446
Debian Security Information: DSA-2643 (Google Search)
http://www.debian.org/security/2013/dsa-2643
http://secunia.com/advisories/52596
SuSE Security Announcement: SUSE-SU-2013:0618 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00004.html
SuSE Security Announcement: openSUSE-SU-2013:0641 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-04/msg00056.html
http://ubuntu.com/usn/usn-1759-1




© 1998-2021 E-Soft Inc. All rights reserved.