CVE-2012-3865 (Arbitrary file delete/DoS on Puppet Master)
A bug in Puppet allows authenticated clients to delete arbitrary files on the puppet master.
Given a Puppet master with the “Delete” method allowed in auth.conf for an authenticated host, an attacker on that host can send a specially crafted Delete request that deletes an arbitrary file on the Puppet master, potentially causing a denial of service. Note that this vulnerability does *not* exist in Puppet as configured by default; auth.conf must first be edited to enable deletion.
- Resolved in Puppet 2.6.17 (source), 2.7.18 (source), rpm, deb, dmg, windows
- Resolved in Puppet Enterprise 1.2.5 and 2.5.2
- Hotfixes available for Puppet Enterprise 1.0, 1.1, 1.2.x, and 2.0.x
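To check whether a master meets the auth.conf precondition described above, the following added example (not Puppet's own code) lists the ACL stanzas that grant deletion to some host. It assumes the legacy auth.conf syntax in which HTTP DELETE is written as `destroy` in the `method` directive and an ACL without a `method` line covers all methods; the function names and the sample configuration are constructed for illustration, and `deny` lines are not evaluated.

```ruby
# Assumptions (not on the advisory page): HTTP DELETE is written as "destroy" in
# the `method` directive, and an ACL with no `method` line covers every method.
ALL_METHODS = %w[find search save destroy].freeze

# Split auth.conf text into ACL stanzas; each stanza starts at a `path` line.
def parse_acls(text)
  acls = []
  text.each_line.with_index(1) do |raw, lineno|
    key, value = raw.sub(/#.*/, '').strip.split(/\s+/, 2)
    next if key.nil? # blank or comment-only line
    if key == 'path'
      acls << { path: value.to_s, line: lineno, methods: nil, allow: [] }
      next
    end
    next if acls.empty? # directive outside any ACL
    items = value.to_s.split(/[\s,]+/)
    case key
    when 'method' then acls.last[:methods] = (acls.last[:methods] || []) + items.map(&:downcase)
    when 'allow'  then acls.last[:allow].concat(items)
    end
  end
  acls
end

# Return the ACLs that grant deletion to at least one host.
def acls_allowing_delete(text)
  parse_acls(text).select do |acl|
    methods = acl[:methods] || ALL_METHODS
    methods.include?('destroy') && !acl[:allow].empty?
  end
end

# Constructed sample configuration, not taken from a real master.
SAMPLE = <<~'CONF'
  path ~ ^/catalog/([^/]+)$
  method find
  allow $1

  path /certificate_status
  method find, save, destroy   # deletion explicitly enabled
  allow admin.example.com

  path /file_bucket_file
  allow *.example.com          # no method line
CONF

acls_allowing_delete(SAMPLE).each do |acl|
  puts "line #{acl[:line]}: path #{acl[:path]} permits destroy for #{acl[:allow].join(', ')}"
end
```

Any stanza it reports on an unpatched master should be reviewed and narrowed until one of the fixed releases listed above is installed.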