Amazon Linux: Security Advisory (ALAS-2013-181)
Information
Severity
Severity
Critical
Family
Family
Amazon Linux Local Security Checks
CVSSv2 Base
CVSSv2 Base
9.0
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:S/C:C/I:C/A:C
Solution Type
Solution Type
Vendor Patch
Created
Created
6 years ago
Modified
Modified
5 months ago
Summary
The remote host is missing an update announced via the referenced Security Advisory.
Insight
Insight
The (1) template and (2) inline_template functions in the master server in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users to execute arbitrary code via a crafted catalog request.
Solution
Solution
Run yum update puppet to update your system.
Common Vulnerabilities and Exposures (CVE)
Free Vulnerability Scanner
Mageni can help you to scan, assess and manage your vulnerabilities.