1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
Candidate: CVE-2013-4965
PublicDate: 2013-10-25
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4965
http://puppetlabs.com/security/cve/cve-2013-4965
http://osvdb.org/98640
Description:
Puppet Enterprise before 3.1.0 does not properly restrict the number of
authentication attempts by a console account, which makes it easier for
remote attackers to bypass intended access restrictions via a brute-force
attack.
Ubuntu-Description:
Notes:
mdeslaur> seems to only affect Puppet Enterprise
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
Patches_puppet:
upstream_puppet: not-affected
lucid_puppet: ignored (reached end-of-life)
precise_puppet: not-affected
quantal_puppet: not-affected
raring_puppet: not-affected
saucy_puppet: not-affected
devel_puppet: not-affected
|