Posted July 15, 2014
Assessed Risk Level: low
Due to a vulnerability in OpenSSL versions 1.0.0 and 1.0.1, if SSL_MODE_RELEASE_BUFFERS is enabled, an attacker could cause a denial of service. This affected agents running on the following operating systems: Solaris 10, Windows, and AIX.
CVSS v2 score: 1.9 with Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C
Status:
Affected Platforms:
Puppet Enterprise 3.2 (Solaris, Windows, AIX)
Resolved in:
Puppet Enterprise 3.3.0