Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2013-1654
Description:Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to conduct SSLv2 downgrade attacks against SSLv3 sessions via unspecified vectors.
Test IDs: 1.3.6.1.4.1.25623.1.0.892643   1.3.6.1.4.1.25623.1.0.702643   1.3.6.1.4.1.25623.1.1.4.2013.0618.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2013-1654
BugTraq ID: 64758
http://www.securityfocus.com/bid/64758
Debian Security Information: DSA-2643 (Google Search)
http://www.debian.org/security/2013/dsa-2643
RedHat Security Advisories: RHSA-2013:0710
http://rhn.redhat.com/errata/RHSA-2013-0710.html
http://secunia.com/advisories/52596
SuSE Security Announcement: SUSE-SU-2013:0618 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00004.html
SuSE Security Announcement: openSUSE-SU-2013:0641 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-04/msg00056.html
http://ubuntu.com/usn/usn-1759-1




© 1998-2021 E-Soft Inc. All rights reserved.