PT-2012-1143 · Puppet+1 · Puppet Enterprise (Pe) Users+2
Published: 2012-05-29 · Updated: 2024-02-02
CVE-2012-1988
CVSS v2.0: 6.0 (Medium)
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Puppet versions 2.6.x through 2.6.14
Puppet versions 2.7.x through 2.7.12
Puppet Enterprise (PE) Users versions 1.0 through 1.2.x
Puppet Enterprise (PE) Users versions 2.0.x through 2.5.0
Description
The issue allows remote authenticated users with agent SSL keys and file-creation permissions on the puppet master to execute arbitrary commands. This can be achieved by creating a file whose full pathname contains shell metacharacters, then performing a filebucket request. Exploitation of the issue may lead to a violation of confidentiality, integrity, and availability of protected information.
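The weakness class described above, shown as an added example that is not Puppet's code and is not taken from the advisory: a pathname interpolated into a shell command string next to two hardened forms. The sample path, the `echo` command and all function names are assumptions made for illustration.

```ruby
require 'open3'
require 'shellwords'

# Constructed sample: a pathname containing shell metacharacters.
# The trailing command is a harmless marker.
SAMPLE_PATH = '/tmp/report; echo INJECTED'

# Vulnerable pattern: the pathname becomes part of a string that sh parses,
# so ';' ends the intended command and starts a second one.
def run_via_shell(path)
  out, _status = Open3.capture2('sh', '-c', "echo checking #{path}")
  out
end

# Hardened: argv form. No shell is involved, the pathname is one argument.
def run_via_argv(path)
  out, _status = Open3.capture2('echo', 'checking', path)
  out
end

# Hardened alternative when a shell string cannot be avoided:
# escape the pathname before interpolating it.
def run_via_escaped(path)
  out, _status = Open3.capture2('sh', '-c', "echo checking #{Shellwords.escape(path)}")
  out
end

# Audit helper: true when a pathname would be altered by shell escaping,
# i.e. it contains characters a shell treats specially.
def needs_quoting?(path)
  Shellwords.escape(path) != path
end

if __FILE__ == $PROGRAM_NAME
  puts "shell:   #{run_via_shell(SAMPLE_PATH).inspect}"
  puts "argv:    #{run_via_argv(SAMPLE_PATH).inspect}"
  puts "escaped: #{run_via_escaped(SAMPLE_PATH).inspect}"
  puts "flagged: #{needs_quoting?(SAMPLE_PATH)}"
end
```
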
Recommendations
For Puppet versions 2.6.x through 2.6.14, update to version 2.6.15 or later.
For Puppet versions 2.7.x through 2.7.12, update to version 2.7.13 or later.
For Puppet Enterprise (PE) Users versions 1.0 through 1.2.x, update to a version after 2.5.1.
For Puppet Enterprise (PE) Users versions 2.0.x through 2.5.0, update to version 2.5.1 or later.
As a temporary workaround, consider restricting file-creation permissions on the puppet master to minimize the risk of exploitation.
Exploit
Fix
OS Command Injection
Command Injection
Related Identifiers
Affected Products
Puppet
Puppet Enterprise (Pe) Users
Suse