Posted February 13, 2013
This vulnerability affects Rack, a middleware component of Puppet Enterprise used by the master and console roles. Specifically, it affects Rack::Session::Cookie.
The vulnerability could allow a remote attacker to guess the session cookie: the HMAC comparison function used to validate the cookie's digest does not run in constant time, so a timing attack can recover a valid digest. An attacker who obtains a valid session cookie could then gain privileges and execute arbitrary code.
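The following is an added example, not code from Puppet Enterprise or from Rack, showing the defect class described above and its fix. It assumes a cookie layout of `<base64 body>--<hex HMAC-SHA1>` and a constructed secret; the naive comparison stops at the first differing byte, which is what leaks timing, while the hardened comparison touches every byte regardless of where the digests differ.

```ruby
require 'openssl'

# Constructed sample key for the demonstration; a real deployment would use
# a long random secret loaded from configuration.
SECRET = 'constructed-demo-secret-do-not-use'

# Signs a serialized session body as "<base64 body>--<hex HMAC-SHA1>".
# (Assumed layout for this example, not necessarily Rack's exact encoding.)
def sign_cookie(body, secret = SECRET)
  data = [body].pack('m0')
  "#{data}--#{OpenSSL::HMAC.hexdigest('SHA1', secret, data)}"
end

# Vulnerable pattern: String#== returns as soon as a byte differs, so the
# elapsed time depends on how many leading bytes of the supplied digest are
# correct. That dependence is the side channel a timing attack exploits.
def digest_matches_naive?(expected, supplied)
  expected == supplied
end

# Instrumented view of the naive loop: returns how many bytes were examined
# before a mismatch stopped it. This is the quantity a timing measurement
# exposes; a constant-time compare always examines every byte.
def bytes_examined_naive(expected, supplied)
  n = 0
  expected.each_byte.with_index do |byte, i|
    n += 1
    break if supplied.getbyte(i) != byte
  end
  n
end

# Hardened pattern: XOR every byte and OR the results together, so the work
# done does not depend on where (or whether) the two strings differ. Only the
# length check short-circuits, and digest length is public anyway.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  l = a.unpack('C*')
  r = 0
  b.each_byte { |byte| r |= byte ^ l.shift }
  r == 0
end

# Verifies a signed cookie and returns the decoded body, or nil on failure.
# The comparison function is injectable so both patterns can be exercised;
# production code should always use the constant-time one.
def verify_cookie(cookie, secret = SECRET, compare: method(:secure_compare))
  data, digest = cookie.split('--', 2)
  return nil if data.nil? || digest.nil?
  expected = OpenSSL::HMAC.hexdigest('SHA1', secret, data)
  return nil unless compare.call(expected, digest)
  data.unpack1('m0')
end
```

The mitigation is purely in the comparison: both verifiers accept the same cookies and reject the same forgeries, but only `secure_compare` gives an attacker no information about how close a guess was.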
Status
- Hotfixes available for Puppet Enterprise 1.2.6 and 2.7.1
Hotfixes