CVE-2012-1988 (Arbitrary Code Execution)
A bug in Puppet can be used to execute arbitrary code on the puppet master.
If a file whose full path contains an executable command string is created on the puppet master system, it is possible to cause Puppet to execute the embedded command by crafting a malicious file bucket request. This requires access to agent SSL keys and the ability to create directories and files on the puppet master system.
- Resolved in Puppet 2.6.15 (source), 2.7.13 (source), rpm, deb
- Resolved in Puppet Enterprise 1.2.5 and 2.5.1
- Hotfixes available for Puppet Enterprise 1.0, 1.1, 1.2.x, and 2.0.x