Local Privilege Escalation via Symlink Attack in Puppet

Local Privilege Escalation via Symlink Attack in Puppet

CVE-2013-4969 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files.

Learn more about our User Device Pen Test.