Overview

CVE-2012-1988 (Arbitrary Code Execution)

A bug in Puppet can be used to execute arbitrary code on the puppet master.

If a file whose full path contains an executable command string is created on the puppet master system, it is possible to cause Puppet to execute the embedded command by crafting a malicious file bucket request. This requires access to agent SSL keys and the ability to create directories and files on the puppet master system.

Status

• Resolved in Puppet 2.6.15 (source), 2.7.13 (source), rpm, deb
• Resolved in Puppet Enterprise 1.2.5 and 2.5.1
• Hotfixes available for Puppet Enterprise 1.0, 1.1, 1.2.x, and 2.0.x

Hotfixes

• http://puppetlabs.com/security/cve/cve-2012-1988/hotfixes/